CVE-2009-1580

Publication date 14 May 2009

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Description

Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie.

Status

Package Ubuntu Release Status
squirrelmail 9.10 karmic
Not affected
9.04 jaunty
Fixed 2:1.4.15-4ubuntu0.1
8.10 intrepid
Fixed 2:1.4.15-3ubuntu0.2
8.04 LTS hardy
Fixed 2:1.4.13-2ubuntu1.3
6.06 LTS dapper Ignored end of life

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
squirrelmail

References

Other references

Access our resources on patching vulnerabilities