1. CVE-Search
  2. CVE-2008-5620
ID CVE-2008-5620
Summary RoundCube Webmail (roundcubemail) before 0.2-beta allows remote attackers to cause a denial of service (memory consumption) via crafted size parameters that are used to create a large quota image.
References
Vulnerable Configurations
  • cpe:2.3:a:roundcube:webmail:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:20050811:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:20050811:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:20050820:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:20050820:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:20051007:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:20051007:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:20051021:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:20051021:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:alpha:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:alpha:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:beta:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:beta:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:beta2:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:beta2:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1:stable:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1:stable:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:roundcube:webmail:0.2:alpha:*:*:*:*:*:*
    cpe:2.3:a:roundcube:webmail:0.2:alpha:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 08-08-2017 - 01:33)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
refmap via4
confirm http://sourceforge.net/forum/forum.php?forum_id=898542
vupen ADV-2008-3418
xf webmail-quota-image-dos(47550)
Last major update 08-08-2017 - 01:33
Published 17-12-2008 - 02:30
Last modified 08-08-2017 - 01:33
Back to Top