Lucene search
MitreCVELIST:CVE-2015-5382HistoryMay 23, 2017 - 3:56 a.m.
CVE-2015-5382
2017-05-2303:56:00
mitre
www.cve.org
program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the _alt parameter when uploading a vCard.
References
www.openwall.com/lists/oss-security/2015/07/07/2
www.openwall.com/lists/oss-security/2015/07/07/3
github.com/roundcube/roundcubemail/commit/6ccd4c54bcc4cb77365defabe8bbe7d10b2620d4
github.com/roundcube/roundcubemail/commit/e84fafcec22e7b460db03248dc23ed6b053b15c9
github.com/roundcube/roundcubemail/issues/4817
roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released
Related
nvd
nvd
CVE-2015-5382
2017-05-23 04:29:00
ubuntucve
ubuntucve
CVE-2015-5382
2017-05-23 00:00:00
cve
cve
CVE-2015-5382
2017-05-23 04:29:00
debiancve
debiancve
CVE-2015-5382
2017-05-23 04:29:00
prion
prion
Code injection
2017-05-23 04:29:00
nessus
nessus
Fedora 21 : roundcubemail-1.1.2-1.fc21 (2015-11469)
2015-07-29 00:00:00
Fedora 22 : roundcubemail-1.1.2-1.fc22 (2015-11405)
2015-07-29 00:00:00
openvas
openvas
Fedora Update for roundcubemail FEDORA-2015-11405
2015-07-30 00:00:00
Roundcube Webmail < 1.0.6, 1.1.x < 1.1.2 Multiple Vulnerabilities
2017-05-30 00:00:00
Mageia: Security Advisory (MGASA-2015-0400)
2015-10-15 00:00:00
mageia
mageia
Updated roundcubemail package fixes security vulnerabilities
2015-10-14 23:28:21
fedora
fedora
[SECURITY] Fedora 22 Update: roundcubemail-1.1.2-1.fc22
2015-07-29 01:46:24
[SECURITY] Fedora 21 Update: roundcubemail-1.1.2-1.fc21
2015-07-29 01:55:22