CVE-2010-0464

2010-01-29T18:30:00
ID CVE-2010-0464
Type cve
Reporter cve@mitre.org
Modified 2015-08-24T16:43:00

Description

Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests.