6 matches found
SUSE CVE-2015-2180
The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password...
UBUNTU-CVE-2015-2180
The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password...
CVE-2015-2180
The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password...
CVE-2015-2180
The CVE-2015-2180 issue affects Roundcube’s Password plugin: the DBMail driver accepts a password containing shell metacharacters, enabling remote command execution. This is tied to Roundcube versions before 1.1.0. Reported CVSS scores indicate a HIGH impact (up to 8.8–9.0) with network access, l...
Mageia: Security Advisory (MGASA-2015-0400)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : roundcubemail (openSUSE-2015-490)
roundcubemail was updated to version 1.0.6 to fix many minor bugs and three security issues. The following vulnerabilities were fixed : - CVE-2015-2180: security improvement in DBMail driver of password plugin shell execution - CVE-2015-2181: security improvement in DBMail driver of password plug...