CVE-2015-2181

Опубликовано: 30 янв. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.

Ссылки

http://www.securityfocus.com/bid/96391
Third Party Advisory
VDB Entry
https://github.com/roundcube/roundcubemail/issues/4757
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/96391
Third Party Advisory
VDB Entry
https://github.com/roundcube/roundcubemail/issues/4757
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*

Версия до 1.1.0 (исключая)

EPSS

Процентиль: 73%

0.00764

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2015-2181

CVSS3: 8.8

ubuntu

около 9 лет назад

Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.

CVE-2015-2181

CVSS3: 8.8

debian

около 9 лет назад

Multiple buffer overflows in the DBMail driver in the Password plugin ...

GHSA-v2gp-p8mp-5q72

CVSS3: 8.8

github

больше 3 лет назад

Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.

openSUSE-SU-2016:3038-1

suse-cvrf

около 9 лет назад

Security update for roundcubemail

openSUSE-SU-2016:2109-1

suse-cvrf

больше 9 лет назад

Security update for roundcubemail

EPSS

Процентиль: 73%

0.00764

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-119