Lucene search
K

2034 matches found

Fedora
Fedora
added 2009/02/05 2:12 a.m.29 views

[SECURITY] Fedora 9 Update: roundcubemail-0.2-7.stable.fc9

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

4.3CVSS0.3AI score0.0198EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2009/02/03 11:30 p.m.24 views

CVE-2009-0413

Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...

4.3CVSS6AI score0.0198EPSS
Exploits1References1
Prion
Prion
added 2009/02/03 11:30 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...

4.3CVSS6AI score0.0198EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2009/02/03 11:30 p.m.2 views

DEBIAN-CVE-2009-0413

Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...

4.3CVSS6AI score0.0198EPSS
Exploits1References1
NVD
NVD
added 2009/02/03 11:30 p.m.17 views

CVE-2009-0413

Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...

4.3CVSS5.5AI score0.0198EPSS
Exploits1References7
OSV
OSV
added 2009/02/03 11:30 p.m.3 views

CVE-2009-0413

Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...

5.4AI score
Exploits0References7
Cvelist
Cvelist
added 2009/02/03 11:0 p.m.36 views

CVE-2009-0413

Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...

5.4AI score0.0198EPSS
Exploits1References7
CVE
CVE
added 2009/02/03 11:0 p.m.67 views

CVE-2009-0413

CVE-2009-0413 is an XSS vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable. An attacker could inject arbitrary HTML/script by exploiting the background attribute in HTML emails, leading to script execution in a user’s browser context. Public records show CVSS 2.0 base score 4.3 (AV:N/A...

4.3CVSS5.5AI score0.0198EPSS
Exploits1References7Affected Software1
FreeBSD
FreeBSD
added 2009/01/21 12:0 a.m.24 views

roundcube -- webmail script insertion and php code injection

Secunia reports: Some vulnerabilities have been reported in RoundCube Webmail, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct script insertion attacks and compromise a vulnerable system. The HTML "background" attribute within e.g. HT...

4.3CVSS1.2AI score0.0198EPSS
Exploits1References4
Debian
Debian
added 2009/01/19 3:59 p.m.20 views

[Backports-security-announce] Security update for roundcube

Hi, Ive just uploaded new roundcube packages to etch-backports fixing the security issues listed below. Please note that these are remote exploitable issues and an upgrade is highly recommended. Fix a vulnerability in quota image generation. This fixes CVE-2008-5620. Thanks to Nico Golde for...

7.8CVSS2AI score0.02576EPSS
Exploits0
Debian
Debian
added 2009/01/19 3:36 p.m.4 views

[Backports-security-announce] Security update for roundcube

Hi, Ive just uploaded new roundcube packages to etch-backports fixing the security issues listed below. Please note that these are remote exploitable issues and an upgrade is highly recommended. Fix a vulnerability in quota image generation. This fixes CVE-2008-5620. Thanks to Nico Golde for...

7.8CVSS5.8AI score0.02576EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2009/01/15 12:0 a.m.6 views

Update Protection against Roundcubemail PHP Arbitrary Code Injection

A vulnerability has been identified in RoundCube Webmail, a browser-based IMAP client. The vulnerability could be triggered via a specially crafted POST request to compromise a vulnerable web server...

10CVSS6.2AI score0.54003EPSS
Exploits15
OpenVAS
OpenVAS
added 2009/01/02 12:0 a.m.32 views

FreeBSD Ports: roundcube

The remote host is missing an update to the system as announced in the referenced advisory. VID 8f483746-d45d-11dd-84ec-001fc66e7203 OpenVAS Vulnerability Test $ Description: Auto generated from VID 8f483746-d45d-11dd-84ec-001fc66e7203 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

10CVSS7.4AI score0.54003EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2009/01/02 12:0 a.m.43 views

FreeBSD : roundcube -- remote execution of arbitrary code (8f483746-d45d-11dd-84ec-001fc66e7203)

Entry for CVE-2008-5619 says : html2text.php in RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with the eval switch. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...

10CVSS6AI score0.54003EPSS
Exploits15References3
OpenVAS
OpenVAS
added 2009/01/02 12:0 a.m.50 views

FreeBSD Ports: roundcube

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS6.3AI score0.54003EPSS
Exploits15References2
Packet Storm
Packet Storm
added 2008/12/30 12:0 a.m.46 views

RoundCube Webmail 0.2b Remote Code Execution

!/bin/sh I was hoping the PoC would not appear so soon, but now that it is out, i thought i might as well publish my real exploit. Hunger http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 FOR LEARNING PURPOSES ONLY! PHP echoiniget'disablefunctions'; exec, system PHP passthru"id; uname...

10CVSS0.4AI score0.54003EPSS
Exploits15
Packet Storm
Packet Storm
added 2008/12/30 12:0 a.m.53 views

RoundCube Webmail 0.2-3 Beta Code Execution

Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com HTML to Plain Text Conversion"...

10CVSS0.3AI score0.54003EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2008/12/26 12:0 a.m.220 views

RoundCube Webmail bin/html2text.php Post Request Remote PHP Code Execution

The remote host is running RoundCube Webmail, a web-based IMAP client written in PHP. The version of RoundCube Webmail installed on the remote host allows execution of arbitrary commands via the embedded html2text conversion library from chuggnutt.com. Using a specially crafted POST request, an...

10CVSS6.1AI score0.54003EPSS
Exploits15References3
seebug.org
seebug.org
added 2008/12/23 12:0 a.m.61 views

RoundCube Webmail <= 0.2b Remote Code Execution Exploit

No description provided by source. !/bin/sh I was hoping the PoC would not appear so soon, but now that it is out, i thought i might as well publish my real exploit. Hunger http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 FOR LEARNING PURPOSES ONLY! PHP echoiniget'disablefunctions';...

10CVSS0.5AI score0.54003EPSS
Exploits15
seebug.org
seebug.org
added 2008/12/23 12:0 a.m.49 views

RoundCube Webmail <= 0.2-3 beta Code Execution Vulnerability

No description provided by source. Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com...

10CVSS0.4AI score0.54003EPSS
Exploits15
Rows per page
Query Builder