Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0413

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-0413
Last Modified 24 Aug 2015 12:38:05
Published 03 Feb 2009 06:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0413

Summary

Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message.

Vulnerable Systems

Application

  • Roundcube Webmail 0.2


References

FEDORA - FEDORA-2009-1256

XF - roundcube-html-xss(48129)

VUPEN - ADV-2009-0192

BID - 33372

CONFIRM - http://trac.roundcube.net/changeset/2245

SECUNIA - 33827

SECUNIA - 33622


Last Updated: 27 May 2016 11:09:38