2034 matches found
[SECURITY] Fedora 9 Update: roundcubemail-0.2-7.stable.fc9
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
CVE-2009-0413
Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...
Cross site scripting
Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...
DEBIAN-CVE-2009-0413
Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...
CVE-2009-0413
Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...
CVE-2009-0413
Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...
CVE-2009-0413
Cross-site scripting XSS vulnerability in RoundCube Webmail roundcubemail 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message...
CVE-2009-0413
CVE-2009-0413 is an XSS vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable. An attacker could inject arbitrary HTML/script by exploiting the background attribute in HTML emails, leading to script execution in a user’s browser context. Public records show CVSS 2.0 base score 4.3 (AV:N/A...
roundcube -- webmail script insertion and php code injection
Secunia reports: Some vulnerabilities have been reported in RoundCube Webmail, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct script insertion attacks and compromise a vulnerable system. The HTML "background" attribute within e.g. HT...
[Backports-security-announce] Security update for roundcube
Hi, Ive just uploaded new roundcube packages to etch-backports fixing the security issues listed below. Please note that these are remote exploitable issues and an upgrade is highly recommended. Fix a vulnerability in quota image generation. This fixes CVE-2008-5620. Thanks to Nico Golde for...
[Backports-security-announce] Security update for roundcube
Hi, Ive just uploaded new roundcube packages to etch-backports fixing the security issues listed below. Please note that these are remote exploitable issues and an upgrade is highly recommended. Fix a vulnerability in quota image generation. This fixes CVE-2008-5620. Thanks to Nico Golde for...
Update Protection against Roundcubemail PHP Arbitrary Code Injection
A vulnerability has been identified in RoundCube Webmail, a browser-based IMAP client. The vulnerability could be triggered via a specially crafted POST request to compromise a vulnerable web server...
FreeBSD Ports: roundcube
The remote host is missing an update to the system as announced in the referenced advisory. VID 8f483746-d45d-11dd-84ec-001fc66e7203 OpenVAS Vulnerability Test $ Description: Auto generated from VID 8f483746-d45d-11dd-84ec-001fc66e7203 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
FreeBSD : roundcube -- remote execution of arbitrary code (8f483746-d45d-11dd-84ec-001fc66e7203)
Entry for CVE-2008-5619 says : html2text.php in RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with the eval switch. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...
FreeBSD Ports: roundcube
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
RoundCube Webmail 0.2b Remote Code Execution
!/bin/sh I was hoping the PoC would not appear so soon, but now that it is out, i thought i might as well publish my real exploit. Hunger http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 FOR LEARNING PURPOSES ONLY! PHP echoiniget'disablefunctions'; exec, system PHP passthru"id; uname...
RoundCube Webmail 0.2-3 Beta Code Execution
Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com HTML to Plain Text Conversion"...
RoundCube Webmail bin/html2text.php Post Request Remote PHP Code Execution
The remote host is running RoundCube Webmail, a web-based IMAP client written in PHP. The version of RoundCube Webmail installed on the remote host allows execution of arbitrary commands via the embedded html2text conversion library from chuggnutt.com. Using a specially crafted POST request, an...
RoundCube Webmail <= 0.2b Remote Code Execution Exploit
No description provided by source. !/bin/sh I was hoping the PoC would not appear so soon, but now that it is out, i thought i might as well publish my real exploit. Hunger http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 FOR LEARNING PURPOSES ONLY! PHP echoiniget'disablefunctions';...
RoundCube Webmail <= 0.2-3 beta Code Execution Vulnerability
No description provided by source. Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com...