openSUSE 10 Security Update : squirrelmail (squirrelmail-3944)
Medium Nessus Plugin ID 27458
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update of squirrelmail fixes two cross-site-scripting vulnerabilities that can be used by an attacker to read opened emails (CVE-2007-1262) and to send email on behalf of the user (CVE-2007-2589).
This is a reissue of the previous update due to regressions.
SolutionUpdate the affected squirrelmail package.