14 matches found
openSUSE: Security Advisory for roundcubemail (openSUSE-SU-2016:0213-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-8770
Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...
CVE-2015-8770
Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...
CVE-2015-8770
CVE-2015-8770 is a path traversal vulnerability in Roundcube’s skin handling. Specifically, the set_skin function in Roundcube’s rcmail_output_html.php (affected in versions prior to 1.0.8 and 1.1.x prior to 1.1.4) allows remote authenticated users with required permissions to read arbitrary file...
CVE-2015-8770
Directory traversal vulnerability in the setskin function in program/include/rcmailoutputhtml.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. dot dot in the skin...
openSUSE Security Update : roundcubemail (openSUSE-2016-81)
This update to roundcubemail 1.0.8 fixes the following issues : - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...
openSUSE Security Update : roundcubemail (openSUSE-2016-80)
This update to roundcubemail 1.1.4 fixes the following issues : - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...
openSUSE: Security Advisory for roundcubemail (openSUSE-SU-2016:0210-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for roundcubemail (important)
This update to roundcubemail 1.1.4 fixes the following issues: - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...
Security update for roundcubemail (important)
This update to roundcubemail 1.0.8 fixes the following issues: - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...
[SECURITY] [DLA 392-1] roundcube security update
Package : roundcube Version : 0.3.1-6+deb6u1 CVE ID : CVE-2015-8770 High-Tech Bridge Security Research Lab discovered a path traversal vulnerability in a popular webmail client Roundcube. Vulnerability can be exploited to gain access to sensitive information and under certain circumstances to...
Roundcube 1.1.3 - Directory Traversal
Exploit for php platform in category web applications Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch: December 26, 20...
Roundcube Webmail 1.1.3 - Directory Traversal
Roundcube Webmail 1.1.3 - Directory Traversal Advisory ID: HTB23283 Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch:...
Roundcube Webmail 1.1.3 - Directory Traversal
Advisory ID: HTB23283 Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch: December 26, 2015 Public Disclosure: January 13...