Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-9846

Опубликовано: 07 апр. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.8

Описание

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. NOTE: this is less easily exploitable in 1.3.4 and later because of a Same Origin Policy protection mechanism.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

1.3.6+dfsg.1-1
cosmic

not-affected

1.3.6+dfsg.1-1
devel

not-affected

1.3.6+dfsg.1-1
disco

not-affected

1.3.6+dfsg.1-1
eoan

not-affected

1.3.6+dfsg.1-1
esm-apps/bionic

not-affected

1.3.6+dfsg.1-1
esm-apps/focal

not-affected

1.3.6+dfsg.1-1
esm-apps/jammy

not-affected

1.3.6+dfsg.1-1
esm-apps/noble

not-affected

1.3.6+dfsg.1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 72%
0.00742
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-9846

CVSS3: 8.8
nvd
почти 8 лет назад

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. NOTE: this is less easily exploitable in 1.3.4 and later because of a Same Origin Policy protection mechanism.

debian логотип

CVE-2018-9846

CVSS3: 8.8
debian
почти 8 лет назад

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin ena ...

github логотип

GHSA-3v75-9ch3-wfrw

CVSS3: 8.8
github
больше 3 лет назад

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. NOTE: this is less easily exploitable in 1.3.4 and later because of a Same Origin Policy protection mechanism.

EPSS

Процентиль: 72%
0.00742
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3