6 matches found
openSUSE Security Update : roundcubemail (openSUSE-SU-2013:0671-1)
Update to version 0.8.6 bnc812568 - Fix security issue in save-pref command CVE-2013-1904 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-332. The text description of this plugin...
CVE-2013-1904
Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the value parameter for the genericmessagefooter setting in a save-perf action to index.php, as exploite...
CVE-2013-1904
CVE-2013-1904 affects Roundcube Webmail. Affected: steps/mail/sendmail.inc contains an absolute path traversal flaw in the _value parameter of the generic_message_footer setting used during a save-perf action, enabling remote attackers to read arbitrary files. Impact exposed in versions prior to ...
[ MDVSA-2013:149 ] roundcubemail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:149 http://www.mandriva.com/en/support/security/ Package : roundcubemail Date : April 21, 2013 Affected: Business Server 1.0 Problem Description: A vulnerability has been found and corrected in roundcubemail...
Fedora Update for roundcubemail FEDORA-2013-4536
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for roundcubemail FEDORA-2013-4564
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...