{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T09:55:08.992","vulnerabilities":[{"cve":{"id":"CVE-2006-4019","sourceIdentifier":"cve@mitre.org","published":"2006-08-11T21:04:00.000","lastModified":"2026-06-16T22:28:16.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users."},{"lang":"es","value":"Vulnerabilidad de evaluación de variable dinámica en compose.php en SquirrelMail 1.4.0 hasta la versión 1.4.7 permite a atacantes remotos sobreescribir variables del programa arbitrarias y leer o escribir los archivos adjuntos y preferencias de otros usuarios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"2C179A3C-8C8C-429B-BACA-8ADAE4170465"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"4AD31177-05BB-4623-AED7-765DB7E44E47"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*","matchCriteriaId":"20247A22-9AB9-4BCE-BF28-350B52FBC62D"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*","matchCriteriaId":"79E6734C-EE1C-40B6-9759-15298707A6F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*","matchCriteriaId":"F6733B8C-5A9E-45CE-8938-F39A69EB0DC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*","matchCriteriaId":"B08E51F1-3764-4146-89C1-20B9B8EE1222"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*","matchCriteriaId":"CD4071B2-3D4F-4755-98B1-E28CEB05EA8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*","matchCriteriaId":"BF6591E5-5F36-4663-85A6-9D870FD49FC7"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*","matchCriteriaId":"D062B70A-E5FF-403B-8BD1-777D6462B7CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*","matchCriteriaId":"4D4CFD4D-EAC3-4325-A87F-9D5F4C513208"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*","matchCriteriaId":"3A884536-4D27-4350-B815-AB4E625879DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*","matchCriteriaId":"C7ED3CC3-E0A8-4C20-9EF7-405CD32E9EF7"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*","matchCriteriaId":"BD89F143-EEBF-472D-9653-E7534F5799FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*","matchCriteriaId":"442BF5C9-DC58-4A94-A634-33D6A4F3C6DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*","matchCriteriaId":"A0C44025-C79D-4791-8EF6-3E26786E194E"}]}]}],"references":[{"url":"ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc","source":"cve@mitre.org"},{"url":"http://attrition.org/pipermail/vim/2006-August/000970.html","source":"cve@mitre.org"},{"url":"http://docs.info.apple.com/article.html?artnum=306172","source":"cve@mitre.org"},{"url":"http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html","source":"cve@mitre.org"},{"url":"http://marc.info/?l=full-disclosure&m=115532449024178&w=2","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/21354","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/21444","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/21586","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/22080","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/22104","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/22487","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/26235","source":"cve@mitre.org"},{"url":"http://securitytracker.com/id?1016689","source":"cve@mitre.org"},{"url":"http://www.debian.org/security/2006/dsa-1154","source":"cve@mitre.org"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:147","source":"cve@mitre.org"},{"url":"http://www.novell.com/linux/security/advisories/2006_23_sr.html","source":"cve@mitre.org"},{"url":"http://www.osvdb.org/27917","source":"cve@mitre.org"},{"url":"http://www.redhat.com/support/errata/RHSA-2006-0668.html","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/442980/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/442993/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/19486","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/25159","source":"cve@mitre.org"},{"url":"http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://www.squirrelmail.org/security/issue/2006-08-11","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://www.vupen.com/english/advisories/2006/3271","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2007/2732","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/28365","source":"cve@mitre.org"},{"url":"https://issues.rpath.com/browse/RPL-577","source":"cve@mitre.org"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11533","source":"cve@mitre.org"},{"url":"ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://attrition.org/pipermail/vim/2006-August/000970.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://docs.info.apple.com/article.html?artnum=306172","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://marc.info/?l=full-disclosure&m=115532449024178&w=2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/21354","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/21444","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/21586","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/22080","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/22104","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/22487","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/26235","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securitytracker.com/id?1016689","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.debian.org/security/2006/dsa-1154","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:147","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.novell.com/linux/security/advisories/2006_23_sr.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.osvdb.org/27917","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.redhat.com/support/errata/RHSA-2006-0668.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/442980/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/442993/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/19486","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/25159","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.squirrelmail.org/security/issue/2006-08-11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.vupen.com/english/advisories/2006/3271","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2007/2732","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/28365","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://issues.rpath.com/browse/RPL-577","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11533","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorSolution":"This vulnerability is addressed in the following product release:\r\nSquirrelMail, SquirrelMail, 1.4.8"}}]}