8 matches found
openSUSE Security Update : roundcubemail (openSUSE-SU-2012:1124-1)
Update to version 0.8.1 - lot of bugfixes and new features including new skin please check the CHANGELOG - contains security related fixes bnc777446 - Fix XSS vulnerability in message subject handling using Larry skin CVE-2012-3507 - Fix XSS issue where plain signatures wasn't secured in HTML...
Fedora 18 : roundcubemail-0.7.3-1.fc18 (2012-12290)
Latest upstream, plus patch for XSS CVE-2012-3507. http://trac.roundcube.net/ticket/1488613 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora Update for roundcubemail FEDORA-2012-12362
Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2012-12362 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for roundcubemail FEDORA-2012-12357
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for roundcubemail FEDORA-2012-12362
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 17 : roundcubemail-0.7.3-1.fc17 (2012-12362)
Latest upstream, plus patch for XSS CVE-2012-3507. http://trac.roundcube.net/ticket/1488613 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
CVE-2012-3507
Cross-site scripting XSS vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject...
CVE-2012-3507
CVE-2012-3507 is a cross-site scripting (XSS) vulnerability in RoundCube Webmail prior to 0.8.0 when using the Larry skin, allowing remote attackers to inject arbitrary script or HTML via the email subject. Public reports in openSUSE and Fedora advisories indicate updates exist to address this is...