SquirrelMail Project Team Affected

Notified:  January 28, 2002 Updated: May 30, 2002

Status

Affected

Vendor Statement

"SquirrelMail 1.2.4 is the release that fixed the problem."

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Upgrade SquirrelMail to version 1.2.4 or later, available from http://www.squirrelmail.org/download.php