CVE-2007-6348 (GCVE-0-2007-6348)

Vulnerability from cvelistv5 – Published: 2007-12-14 19:00 – Updated: 2024-08-07 16:02
VLAI?
Summary
SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://marc.info/?l=squirrelmail-devel&m=11976523… mailing-listx_refsource_MLIST
http://www.securityfocus.com/archive/1/485037/100… mailing-listx_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=119765643909825&w=2 mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/28095 third-party-advisoryx_refsource_SECUNIA
http://www.squirrelmail.org/index.php x_refsource_CONFIRM
http://marc.info/?l=squirrelmail-devel&m=11975646… mailing-listx_refsource_MLIST
http://osvdb.org/42633 vdb-entryx_refsource_OSVDB
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:02:36.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[squirrelmail-devel] 20071214 Re: [SM-DEVEL] SECURITY: 1.4.12 Package Compromise",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=squirrelmail-devel\u0026m=119765235203392\u0026w=2"
          },
          {
            "name": "20071213 SECURITY: 1.4.12 Package Compromise",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/485037/100/0/threaded"
          },
          {
            "name": "20071214 ANNOUNCE: SquirrelMail 1.4.13 Released",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=119765643909825\u0026w=2"
          },
          {
            "name": "28095",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28095"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squirrelmail.org/index.php"
          },
          {
            "name": "[squirrelmail-devel] 20071213 [SM-DEVEL] SECURITY: 1.4.12 Package Compromise",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=squirrelmail-devel\u0026m=119756462212214\u0026w=2"
          },
          {
            "name": "42633",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/42633"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[squirrelmail-devel] 20071214 Re: [SM-DEVEL] SECURITY: 1.4.12 Package Compromise",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=squirrelmail-devel\u0026m=119765235203392\u0026w=2"
        },
        {
          "name": "20071213 SECURITY: 1.4.12 Package Compromise",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/485037/100/0/threaded"
        },
        {
          "name": "20071214 ANNOUNCE: SquirrelMail 1.4.13 Released",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=119765643909825\u0026w=2"
        },
        {
          "name": "28095",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28095"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squirrelmail.org/index.php"
        },
        {
          "name": "[squirrelmail-devel] 20071213 [SM-DEVEL] SECURITY: 1.4.12 Package Compromise",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=squirrelmail-devel\u0026m=119756462212214\u0026w=2"
        },
        {
          "name": "42633",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/42633"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-6348",
    "datePublished": "2007-12-14T19:00:00",
    "dateReserved": "2007-12-14T00:00:00",
    "dateUpdated": "2024-08-07T16:02:36.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squirrelmail:squirrelmail:1.4.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"682BC5E2-F2C5-4B6F-8EF0-E05152BB9B12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:squirrelmail:squirrelmail:1.4.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABC24558-B7C1-4DE7-BC24-AF092DF0DE97\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code.\"}, {\"lang\": \"es\", \"value\": \"SquirrelMail versiones 1.4.11 y 1.4.12, distribuidas en sourceforge.net versiones anteriores a 20071213, se han modificado externamente para crear un Caballo de Troya que introduce una vulnerabilidad de inclusi\\u00f3n remota de archivos PHP, que permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario.\"}]",
      "id": "CVE-2007-6348",
      "lastModified": "2024-11-21T00:39:55.910",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2007-12-14T19:46:00.000",
      "references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=119765643909825\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=squirrelmail-devel\u0026m=119756462212214\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=squirrelmail-devel\u0026m=119765235203392\u0026w=2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://osvdb.org/42633\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/28095\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/485037/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.squirrelmail.org/index.php\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=119765643909825\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=squirrelmail-devel\u0026m=119756462212214\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=squirrelmail-devel\u0026m=119765235203392\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/42633\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28095\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/485037/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.squirrelmail.org/index.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"The versions of SquirrelMail packages shipped in Red Hat Enterprise Linux 3, 4, and 5 were not affected by this issue.  In addition, the Red Hat Security Response Team have verified that the malicious code is not part of released Red Hat Enterprise Linux squirrelmail packages.\\n\", \"lastModified\": \"2007-12-17T00:00:00\"}]",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-6348\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2007-12-14T19:46:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"SquirrelMail versiones 1.4.11 y 1.4.12, distribuidas en sourceforge.net versiones anteriores a 20071213, se han modificado externamente para crear un Caballo de Troya que introduce una vulnerabilidad de inclusi\u00f3n remota de archivos PHP, que permite a los atacantes remotos ejecutar c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squirrelmail:squirrelmail:1.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"682BC5E2-F2C5-4B6F-8EF0-E05152BB9B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:squirrelmail:squirrelmail:1.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABC24558-B7C1-4DE7-BC24-AF092DF0DE97\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=119765643909825\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=squirrelmail-devel\u0026m=119756462212214\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=squirrelmail-devel\u0026m=119765235203392\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://osvdb.org/42633\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/28095\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/485037/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.squirrelmail.org/index.php\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=119765643909825\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=squirrelmail-devel\u0026m=119756462212214\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=squirrelmail-devel\u0026m=119765235203392\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/42633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/485037/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.squirrelmail.org/index.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"The versions of SquirrelMail packages shipped in Red Hat Enterprise Linux 3, 4, and 5 were not affected by this issue.  In addition, the Red Hat Security Response Team have verified that the malicious code is not part of released Red Hat Enterprise Linux squirrelmail packages.\\n\",\"lastModified\":\"2007-12-17T00:00:00\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.