Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-1904HistoryFeb 08, 2014 - 12:55 a.m.
CVE-2013-1904
2014-02-0800:55:00
Debian Security Bug Tracker
security-tracker.debian.org
9
0.005 Low
EPSS
Percentile
75.1%
Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _value parameter for the generic_message_footer setting in a save-perf action to index.php, as exploited in the wild in March 2013.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
| Debian | 11 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
| Debian | 10 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
| Debian | 999 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
| Debian | 13 | all | roundcube | < 0.7.2-9 | roundcube_0.7.2-9_all.deb |
Related
prion
prion
Path traversal
2014-02-08 00:55:00
nessus
nessus
openSUSE Security Update : roundcubemail (openSUSE-SU-2013:0671-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : roundcubemail (MDVSA-2013:149)
2013-04-23 00:00:00
Fedora 17 : roundcubemail-0.8.6-1.fc17 (2013-4536)
2013-04-08 00:00:00
ubuntucve
ubuntucve
CVE-2013-1904
2014-02-08 00:00:00
freebsd
freebsd
roundcube -- arbitrary file disclosure vulnerability
2013-03-27 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:149 ] roundcubemail
2013-05-06 00:00:00
cvelist
cvelist
CVE-2013-1904
2014-02-08 00:00:00
cve
cve
CVE-2013-1904
2014-02-08 00:55:00
openvas
openvas
Fedora Update for roundcubemail FEDORA-2013-4564
2013-04-08 00:00:00
Fedora Update for roundcubemail FEDORA-2013-4564
2013-04-08 00:00:00
Fedora Update for roundcubemail FEDORA-2013-4536
2013-04-08 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: roundcubemail-0.8.6-1.fc18
2013-04-07 00:30:14
[SECURITY] Fedora 17 Update: roundcubemail-0.8.6-1.fc17
2013-04-07 00:41:17