CVE-2015-2181

Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.
References
Link Resource
http://www.securityfocus.com/bid/96391 Third Party Advisory VDB Entry
https://github.com/roundcube/roundcubemail/issues/4757 Exploit Vendor Advisory
http://www.securityfocus.com/bid/96391 Third Party Advisory VDB Entry
https://github.com/roundcube/roundcubemail/issues/4757 Exploit Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:26

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/96391 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/96391 - Third Party Advisory, VDB Entry
References () https://github.com/roundcube/roundcubemail/issues/4757 - Exploit, Vendor Advisory () https://github.com/roundcube/roundcubemail/issues/4757 - Exploit, Vendor Advisory

Information

Published : 2017-01-30 22:59

Updated : 2024-11-21 02:26


NVD link : CVE-2015-2181

Mitre link : CVE-2015-2181

CVE.ORG link : CVE-2015-2181


JSON object : View

Products Affected

roundcube

  • webmail
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer