Lucene search
PRIOn knowledge basePRION:CVE-2016-4069HistoryAug 25, 2016 - 6:59 p.m.
Cross site request forgery (csrf)
2016-08-2518:59:00
PRIOn knowledge base
www.prio-n.com
6
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.
References
lists.opensuse.org/opensuse-updates/2016-08/msg00079.html
www.openwall.com/lists/oss-security/2016/04/23/4
www.securityfocus.com/bid/92654
github.com/roundcube/roundcubemail/commit/4a408843b0ef816daf70a472a02b78cd6073a4d5
github.com/roundcube/roundcubemail/commit/699af1e5206ed9114322adaa3c25c1c969640a53
github.com/roundcube/roundcubemail/issues/4957
github.com/roundcube/roundcubemail/releases/tag/1.1.5
github.com/roundcube/roundcubemail/wiki/Changelog
Related
openvas
openvas
Roundcube Webmail < 1.1.5 CSRF Vulnerability
2016-12-07 00:00:00
Debian: Security Advisory (DLA-613-1)
2018-02-07 00:00:00
Mageia: Security Advisory (MGASA-2016-0155)
2016-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2016-4069
2016-08-25 00:00:00
nvd
nvd
CVE-2016-4069
2016-08-25 18:59:00
cve
cve
CVE-2016-4069
2016-08-25 18:59:00
cvelist
cvelist
CVE-2016-4069
2016-08-25 18:00:00
debiancve
debiancve
CVE-2016-4069
2016-08-25 18:59:00
nessus
nessus
openSUSE Security Update : roundcubemail (openSUSE-2016-995)
2016-08-22 00:00:00
Debian DLA-613-1 : roundcube security update
2016-09-09 00:00:00
Fedora 23 : roundcubemail-1.1.5-1.fc23 (2016-69eb7f9fb2)
2016-05-02 00:00:00
mageia
mageia
Updated roundcubemail packages fix security vulnerabilities
2016-04-29 20:21:35
debian
debian
[SECURITY] [DLA 613-1] roundcube security update
2016-09-08 09:58:47
osv
osv
roundcube - security update
2016-09-08 00:00:00