Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _value parameter for the generic_message_footer setting in a save-perf action to index.php, as exploited in the wild in March 2013.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
Debian | 11 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
Debian | 10 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
Debian | 999 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
Debian | 13 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |