Unrated severityNVD Advisory· Published Aug 11, 2006· Updated Jun 16, 2026
CVE-2006-4019
CVE-2006-4019
Description
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*
- (no CPE)range: 1.4.0 - 1.4.7
Patches
Vulnerability mechanics
References
29- secunia.com/advisories/21354nvdPatchVendor Advisory
- www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patchnvdPatch
- www.squirrelmail.org/security/issue/2006-08-11nvdPatch
- patches.sgi.com/support/free/security/advisories/20061001-01-P.ascnvd
- attrition.org/pipermail/vim/2006-August/000970.htmlnvd
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlnvd
- marc.infonvd
- secunia.com/advisories/21444nvd
- secunia.com/advisories/21586nvd
- secunia.com/advisories/22080nvd
- secunia.com/advisories/22104nvd
- secunia.com/advisories/22487nvd
- secunia.com/advisories/26235nvd
- securitytracker.com/idnvd
- www.debian.org/security/2006/dsa-1154nvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_23_sr.htmlnvd
- www.osvdb.org/27917nvd
- www.redhat.com/support/errata/RHSA-2006-0668.htmlnvd
- www.securityfocus.com/archive/1/442980/100/0/threadednvd
- www.securityfocus.com/archive/1/442993/100/0/threadednvd
- www.securityfocus.com/bid/19486nvd
- www.securityfocus.com/bid/25159nvd
- www.vupen.com/english/advisories/2006/3271nvd
- www.vupen.com/english/advisories/2007/2732nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28365nvd
- issues.rpath.com/browse/RPL-577nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11533nvd
News mentions
0No linked articles in our index yet.