CVE-2010-0464
29.01.2010, 18:30
Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests.Enginsight
Vendor | Product | Version |
---|---|---|
roundcube | webmail | 𝑥 ≤ 0.3.1 |
roundcube | webmail | 0.1 |
roundcube | webmail | 0.1:20050811 |
roundcube | webmail | 0.1:20050820 |
roundcube | webmail | 0.1:20051007 |
roundcube | webmail | 0.1:20051021 |
roundcube | webmail | 0.1:alpha |
roundcube | webmail | 0.1:beta |
roundcube | webmail | 0.1:beta2 |
roundcube | webmail | 0.1:rc1 |
roundcube | webmail | 0.1:rc2 |
roundcube | webmail | 0.1:stable |
roundcube | webmail | 0.1.1 |
roundcube | webmail | 0.2 |
roundcube | webmail | 0.2:alpha |
roundcube | webmail | 0.2:beta |
roundcube | webmail | 0.2:stable |
roundcube | webmail | 0.2.1 |
roundcube | webmail | 0.2.2 |
roundcube | webmail | 0.3 |
roundcube | webmail | 0.3:beta |
roundcube | webmail | 0.3:rc1 |
roundcube | webmail | 0.3:stable |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Common Weakness Enumeration
References