25 matches found
Updated roundcubemail packages fix security vulnerabilities
Updated roundcubemail packages fix security vulnerabilities: More security issues in the DBMail driver for the password plugin, related to CVE-2015-2181. XSS issue in SVG images handling CVE-2015-8864. Lack of protection for attachment download URLs against CSRF CVE-2016-4069. The roundcubemail...
MGASA-2016-0155 Updated roundcubemail packages fix security vulnerabilities
Updated roundcubemail packages fix security vulnerabilities: More security issues in the DBMail driver for the password plugin, related to CVE-2015-2181. XSS issue in SVG images handling CVE-2015-8864. Lack of protection for attachment download URLs against CSRF CVE-2016-4069. The roundcubemail...
Updated roundcubemail package fixes security vulnerabilities
Multiple security issues in the DBMail driver for the password plugin, including buffer overflows CVE-2015-2181 and the ability for a remote attacker to execute arbitrary shell commands as root CVE-2015-2180. An authenticated user can download arbitrary files from the web server that the web serv...
MGASA-2015-0400 Updated roundcubemail package fixes security vulnerabilities
Multiple security issues in the DBMail driver for the password plugin, including buffer overflows CVE-2015-2181 and the ability for a remote attacker to execute arbitrary shell commands as root CVE-2015-2180. An authenticated user can download arbitrary files from the web server that the web serv...
openSUSE Security Update : roundcubemail (openSUSE-2015-454)
roundcubemail was updated to version 1.0.6 to fix many minor bugs and two security issues. The security-related fixes in particular are : - security improvement in DBMail driver of password plugin - security improvement in contact photo handling %NASLMINLEVEL 70300 C Tenable Network Security, Inc...