Description

Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.

Remediation

References

CVE-2015-2181

Related Vulnerabilities

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6610)

WordPress Anti-CSRF Token Security Bypass Weakness (3.3.1)

Apache HTTP Server Other Vulnerability (CVE-2002-1658)

Drupal Core 7.x Directory Traversal (7.0 - 7.66)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7298)

Severity

High

Classification

CVE-2015-2181 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities