Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-9587HistoryJan 15, 2015 - 3:59 p.m.
CVE-2014-9587
2015-01-1515:59:21
Debian Security Bug Tracker
security-tracker.debian.org
16
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
56.5%
Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to (1) address book operations or the (2) ACL or (3) Managesieve plugins.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | roundcube | < 1.1.1+dfsg.1-2 | roundcube_1.1.1+dfsg.1-2_all.deb |
| Debian | 11 | all | roundcube | < 1.1.1+dfsg.1-2 | roundcube_1.1.1+dfsg.1-2_all.deb |
| Debian | 999 | all | roundcube | < 1.1.1+dfsg.1-2 | roundcube_1.1.1+dfsg.1-2_all.deb |
| Debian | 13 | all | roundcube | < 1.1.1+dfsg.1-2 | roundcube_1.1.1+dfsg.1-2_all.deb |
Related
prion
prion
Cross site request forgery (csrf)
2015-01-15 15:59:00
nessus
nessus
openSUSE Security Update : roundcubemail (openSUSE-SU-2015:0116-1)
2015-01-26 00:00:00
Debian DLA-613-1 : roundcube security update
2016-09-09 00:00:00
cvelist
cvelist
CVE-2014-9587
2015-01-15 15:00:00
ubuntucve
ubuntucve
CVE-2014-9587
2015-01-15 00:00:00
cve
cve
CVE-2014-9587
2015-01-15 15:59:21
nvd
nvd
CVE-2014-9587
2015-01-15 15:59:21
openvas
openvas
Debian: Security Advisory (DLA-613-1)
2018-02-07 00:00:00
osv
osv
roundcube - security update
2016-09-08 00:00:00
debian
debian
[SECURITY] [DLA 613-1] roundcube security update
2016-09-08 09:58:47
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
56.5%
Related for DEBIANCVE:CVE-2014-9587