What is the severity of CVE-2004-0521?

CVE-2004-0521 has a moderate severity level due to the potential for unauthorized access through SQL injection.

How do I fix CVE-2004-0521?

To fix CVE-2004-0521, upgrade SquirrelMail to version 1.4.3 RC1 or later, which addresses the SQL injection vulnerability.

Which versions of SquirrelMail are affected by CVE-2004-0521?

CVE-2004-0521 affects SquirrelMail versions 1.0.4 through 1.4.2.

Can CVE-2004-0521 lead to data loss?

CVE-2004-0521 can potentially allow attackers to execute unauthorized SQL commands, which could lead to data exposure or loss.

What is the impact of exploiting CVE-2004-0521?

Exploiting CVE-2004-0521 may allow attackers to manipulate the database backend, affecting the integrity and confidentiality of stored data.

Vulnerability/
CVE-2004-0521

critical

CWE

NVD-CWE-Other 89

3/6/2004

8/8/2024

CVE-2004-0521: SQL Injection

First published: Thu Jun 03 2004(Updated: )

SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
SGI ProPack	=3.0
SquirrelMail	=1.0.4
SquirrelMail	=1.0.5
SquirrelMail	=1.2.0
SquirrelMail	=1.2.1
SquirrelMail	=1.2.2
SquirrelMail	=1.2.3
SquirrelMail	=1.2.4
SquirrelMail	=1.2.5
SquirrelMail	=1.2.6
SquirrelMail	=1.2.7
SquirrelMail	=1.2.8
SquirrelMail	=1.2.9
SquirrelMail	=1.2.10
SquirrelMail	=1.2.11
SquirrelMail	=1.4
SquirrelMail	=1.4.1
SquirrelMail	=1.4.2

Remedy

http://www.securityfocus.com/bid/10397

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0521?
CVE-2004-0521 has a moderate severity level due to the potential for unauthorized access through SQL injection.
How do I fix CVE-2004-0521?
To fix CVE-2004-0521, upgrade SquirrelMail to version 1.4.3 RC1 or later, which addresses the SQL injection vulnerability.
Which versions of SquirrelMail are affected by CVE-2004-0521?
CVE-2004-0521 affects SquirrelMail versions 1.0.4 through 1.4.2.
Can CVE-2004-0521 lead to data loss?
CVE-2004-0521 can potentially allow attackers to execute unauthorized SQL commands, which could lead to data exposure or loss.
What is the impact of exploiting CVE-2004-0521?
Exploiting CVE-2004-0521 may allow attackers to manipulate the database backend, affecting the integrity and confidentiality of stored data.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/weakness
agent/references
agent/author
agent/last-modified-date
agent/severity
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/squirrelmail
product/squirrelmail
canonical/squirrelmail squirrelmail
vendor/sgi
product/propack
canonical/sgi propack
version/sgi propack/3.0
canonical/squirrelmail
version/squirrelmail/1.0.4
version/squirrelmail/1.0.5
version/squirrelmail/1.2.0
version/squirrelmail/1.2.1
version/squirrelmail/1.2.2
version/squirrelmail/1.2.3
version/squirrelmail/1.2.4
version/squirrelmail/1.2.5
version/squirrelmail/1.2.6
version/squirrelmail/1.2.7
version/squirrelmail/1.2.8
version/squirrelmail/1.2.9
version/squirrelmail/1.2.10
version/squirrelmail/1.2.11
version/squirrelmail/1.4
version/squirrelmail/1.4.1
version/squirrelmail/1.4.2