CVE-2011-1492

Current Description

steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets (CSS) stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain sensitive information, via a crafted request.

Basic Data

Published: April 08, 2011
Last Modified: August 17, 2017
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-20
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:S/C:P/I:P/A:N
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: SINGLE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Availability Impact: NONE
CVSS 2 - Base Score: 5.5
Severity: MEDIUM
Exploitability Score: 8.0
Impact Score: 4.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe Version | Part        | Vendor    | Product | Version | Update | Version End Including
    2.3         | Application | Roundcube | Webmail | 0.1     | *      |
    2.3         | Application | Roundcube | Webmail | 0.1     | alpha  |
    2.3         | Application | Roundcube | Webmail | 0.1     | beta   |
    2.3         | Application | Roundcube | Webmail | 0.1     | beta2  |
    2.3         | Application | Roundcube | Webmail | 0.1     | rc1    |
    2.3         | Application | Roundcube | Webmail | 0.1     | rc2    |
    2.3         | Application | Roundcube | Webmail | 0.1.1   | *      |
    2.3         | Application | Roundcube | Webmail | 0.2     | *      |
    2.3         | Application | Roundcube | Webmail | 0.2     | alpha  |
    2.3         | Application | Roundcube | Webmail | 0.2     | beta   |
    2.3         | Application | Roundcube | Webmail | 0.2.1   | *      |
    2.3         | Application | Roundcube | Webmail | 0.3     | *      |
    2.3         | Application | Roundcube | Webmail | 0.3     | beta   |
    2.3         | Application | Roundcube | Webmail | 0.3     | rc1    |
    2.3         | Application | Roundcube | Webmail | 0.3.1   | *      |
    2.3         | Application | Roundcube | Webmail | 0.4     | *      |
    2.3         | Application | Roundcube | Webmail | 0.4     | beta   |
    2.3         | Application | Roundcube | Webmail | 0.4.1   | *      |
    2.3         | Application | Roundcube | Webmail | 0.4.2   | *      |
    2.3         | Application | Roundcube | Webmail | *       | *      | 0.5
    2.3         | Application | Roundcube | Webmail | 0.5     | beta   |
    2.3         | Application | Roundcube | Webmail | 0.5     | rc     |
    The Edition, Language, SW Edition, Target SW, Target HW and Other fields are * (any) for every entry; the Version Start Including, Version Start Excluding and Version End Excluding fields are empty for every entry.

Vulnerable Software List

Vendor    | Product | Versions
Roundcube | Webmail | *, 0.1, 0.1.1, 0.2, 0.2.1, 0.3, 0.3.1, 0.4, 0.4.1, 0.4.2, 0.5

References

  • [oss-security] 20110324 CVE request: roundcube < 0.5.1 CSRF
    Source: MLIST
    URL: http://openwall.com/lists/oss-security/2011/03/24/3
  • [oss-security] 20110324 Re: CVE request: roundcube < 0.5.1 CSRF
    Source: MLIST
    URL: http://openwall.com/lists/oss-security/2011/03/24/4
    Tags: Patch
  • [oss-security] 20110404 Re: CVE request: roundcube < 0.5.1 CSRF
    Source: MLIST
    URL: http://openwall.com/lists/oss-security/2011/04/04/50
    Tags: Patch
  • 44050
    Source: SECUNIA
    URL: http://secunia.com/advisories/44050
    Tags: Vendor Advisory
  • http://trac.roundcube.net/changeset/4488
    Source: CONFIRM
    URL: http://trac.roundcube.net/changeset/4488
    Tags: Patch
  • http://trac.roundcube.net/wiki/Changelog
    Source: CONFIRM
    URL: http://trac.roundcube.net/wiki/Changelog
  • roundcube-modcss-security-bypass(66613)
    Source: XF
    URL: https://exchange.xforce.ibmcloud.com/vulnerabilities/66613