Lucene search
K

17 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.16 views

Mageia: Security Advisory (MGASA-2013-0325)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.7AI score0.02873EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.22 views

Gentoo Security Advisory GLSA 201402-15

Gentoo Linux Local Security Checks GLSA 201402-15 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS7.9AI score0.02873EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.29 views

openSUSE Security Update : roundcubemail (openSUSE-SU-2014:0365-1)

roundcubemail was updated to 0.9.5 to fix bugs and security issues. Fixed security issues : - CVE-2013-6172: vulnerability in handling session argument of utils/save-prefs New upstream release 0.9.5 bnc847179 CVE-2013-6172 - Fix failing vCard import when email address field contains spaces - Fix...

7.5CVSS7.7AI score0.02873EPSS
Exploits0References3
Mageia
Mageia
added 2013/11/18 2:35 p.m.27 views

Updated roundcubemail package fixes security vulnerability

It was discovered that roundcube does not properly sanitize the session parameter in steps/utils/savepref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allowing random file access, manipulated SQL queries and even code...

7.5CVSS2.3AI score0.02873EPSS
Exploits0References4
Debian
Debian
added 2013/11/12 9:33 p.m.56 views

[BSA-085] Security Update for roundcube

Package : roundcube Vulnerability : design error Problem type : remote Debian-specific: no CVE ID : CVE-2013-6172 Debian Bug : 727668 It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize the session parameter in...

7.5CVSS6.7AI score0.02873EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/11/11 12:0 a.m.19 views

Fedora 20 : roundcubemail-0.9.5-1.fc20 (2013-19699)

Roundcubemail just released new 0.9.5 version with fixes for VCE2013-6172will be available soon. Hotfix: https://github.com/roundcube/roundcubemail/commit/4109bb26ce.diff Full announcement : Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

7.5CVSS7.7AI score0.02873EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2013/11/08 12:0 a.m.20 views

Fedora Update for roundcubemail FEDORA-2013-19745

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4AI score
Exploits0References2
OSV
OSV
added 2013/11/05 6:55 p.m.4 views

CVE-2013-6172

steps/utils/savepref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code...

7.7AI score
Exploits0References6
NVD
NVD
added 2013/11/05 6:55 p.m.17 views

CVE-2013-6172

steps/utils/savepref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code...

7.5CVSS7.8AI score0.02873EPSS
Exploits0References5
CVE
CVE
added 2013/11/05 6:0 p.m.113 views

CVE-2013-6172

CVE-2013-6172 affects Roundcube Webmail prior to 0.9.5 and 0.8.7. The vulnerability is in steps/utils/save_pref.inc and allows remote attackers to modify configuration settings via the _session parameter, enabling reading arbitrary files, SQL injection, and arbitrary code execution. The open advi...

7.5CVSS7.8AI score0.02873EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/10/30 12:0 a.m.26 views

Mandriva Linux Security Advisory : roundcubemail (MDVSA-2013:263)

A vulnerability has been discovered and corrected in roundcubemail : It was discovered that roundcube does not properly sanitize the session parameter in steps/utils/savepref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently...

7.5CVSS8.2AI score0.02873EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/10/28 12:0 a.m.22 views

Fedora Update for roundcubemail FEDORA-2013-19729

Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2013-19729 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.5CVSS0.02873EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/10/28 12:0 a.m.17 views

Fedora Update for roundcubemail FEDORA-2013-19729

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02873EPSS
Exploits0References2
Debian
Debian
added 2013/10/27 8:53 a.m.66 views

[SECURITY] [DSA 2787-1] roundcube security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2787-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 27, 2013 http://www.debian.org/security/faq -...

7.5CVSS6.4AI score0.02873EPSS
Exploits0
Debian
Debian
added 2013/10/27 8:53 a.m.69 views

[SECURITY] [DSA 2787-1] roundcube security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2787-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 27, 2013 http://www.debian.org/security/faq -...

7.5CVSS1.7AI score0.02873EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/10/27 12:0 a.m.27 views

Debian Security Advisory DSA 2787-1 (roundcube - design error)

It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize the session parameter in steps/utils/savepref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allowing rand...

7.5CVSS8.8AI score0.02873EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/10/27 12:0 a.m.23 views

Fedora 19 : roundcubemail-0.9.5-1.fc19 (2013-19729)

Roundcubemail just released new 0.9.5 version with fixes for VCE2013-6172will be available soon. Hotfix: https://github.com/roundcube/roundcubemail/commit/4109bb26ce.diff Full announcement : Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

7.5CVSS7.7AI score0.02873EPSS
Exploits0References5
Rows per page
Query Builder