{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T22:26:09.262","vulnerabilities":[{"cve":{"id":"CVE-2007-2589","sourceIdentifier":"cve@mitre.org","published":"2007-05-11T04:20:00.000","lastModified":"2026-06-16T22:39:53.830","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element."},{"lang":"es","value":"Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en el compose.php del SquirrelMail 1.4.0 hasta la 1.4.9a permite a atacantes remotos enviar correos electrónicos desde usuarios de su elección, a través de determinados datos en el atributo SRC de un elemento IMG."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"2C179A3C-8C8C-429B-BACA-8ADAE4170465"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"4AD31177-05BB-4623-AED7-765DB7E44E47"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*","matchCriteriaId":"20247A22-9AB9-4BCE-BF28-350B52FBC62D"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*","matchCriteriaId":"79E6734C-EE1C-40B6-9759-15298707A6F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*","matchCriteriaId":"F6733B8C-5A9E-45CE-8938-F39A69EB0DC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*","matchCriteriaId":"B08E51F1-3764-4146-89C1-20B9B8EE1222"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*","matchCriteriaId":"CD4071B2-3D4F-4755-98B1-E28CEB05EA8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.3aa:*:*:*:*:*:*:*","matchCriteriaId":"C4AAFE2B-77AB-4AC3-A22C-C3C256E2E45A"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*","matchCriteriaId":"BF6591E5-5F36-4663-85A6-9D870FD49FC7"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*","matchCriteriaId":"D062B70A-E5FF-403B-8BD1-777D6462B7CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*","matchCriteriaId":"4D4CFD4D-EAC3-4325-A87F-9D5F4C513208"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*","matchCriteriaId":"3A884536-4D27-4350-B815-AB4E625879DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_cvs:*:*:*:*:*:*:*","matchCriteriaId":"5CD09187-16B2-4A0C-907C-40375E865EBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*","matchCriteriaId":"C7ED3CC3-E0A8-4C20-9EF7-405CD32E9EF7"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*","matchCriteriaId":"BD89F143-EEBF-472D-9653-E7534F5799FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.8:*:*:*:*:*:*:*","matchCriteriaId":"796C453E-D59A-4988-BD91-24F31646D8FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.9:*:*:*:*:*:*:*","matchCriteriaId":"B9851AD9-5093-4482-A632-487C6D104C9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:squirrelmail:squirrelmail:1.4.9a:*:*:*:*:*:*:*","matchCriteriaId":"5BA5BA42-F53A-4E0D-B04C-D70D2291E408"}]}]}],"references":[{"url":"http://docs.info.apple.com/article.html?artnum=306172","source":"cve@mitre.org"},{"url":"http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html","source":"cve@mitre.org"},{"url":"http://osvdb.org/35889","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/25200","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/25320","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/25787","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/26235","source":"cve@mitre.org"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:106","source":"cve@mitre.org"},{"url":"http://www.novell.com/linux/security/advisories/2007_13_sr.html","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/25159","source":"cve@mitre.org"},{"url":"http://www.squirrelmail.org/security/issue/2007-05-09","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2007/1748","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2007/2732","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34219","source":"cve@mitre.org"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11448","source":"cve@mitre.org"},{"url":"https://rhn.redhat.com/errata/RHSA-2007-0358.html","source":"cve@mitre.org"},{"url":"http://docs.info.apple.com/article.html?artnum=306172","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://osvdb.org/35889","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/25200","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://secunia.com/advisories/25320","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/25787","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/26235","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:106","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.novell.com/linux/security/advisories/2007_13_sr.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/25159","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.squirrelmail.org/security/issue/2007-05-09","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2007/1748","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2007/2732","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34219","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11448","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://rhn.redhat.com/errata/RHSA-2007-0358.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}