CVE-2005-1308 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Inter7	Sqwebmail	3.4.1

References

http://secunia.com/advisories/15119
http://www.securityfocus.com/bid/13374
http://secunia.com/advisories/15119
http://www.securityfocus.com/bid/13374

FAQ

What is CVE-2005-1308?

CVE-2005-1308 is a vulnerability with a CVSS score of 7.5 (HIGH). SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML.

How severe is CVE-2005-1308?

CVE-2005-1308 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-1308?

Check the references section above for vendor advisories and patch information. Affected products include: Inter7 Sqwebmail.