CVE-2005-0075
prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers.
Date published : 2005-02-06
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html