Oval Definition:	oval:org.opensuse.security:def:20136172
Revision Date: 2022-06-30 Version: 1 Title: CVE-2013-6172 Description: steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-6172 Mitre CVE-2013-6172 SUSE CVE-2013-6172 openSUSE-SU-2014:0365-1 Platform(s): openSUSE 12.3 Update openSUSE 13.1 openSUSE Tumbleweed Product(s): Definition Synopsis openSUSE 13.1 is installed AND Package Information php5-pear-Net_IDNA2-0.1.1-5.1 is installed OR roundcubemail-0.9.5-2.10.1 is installed Definition Synopsis openSUSE Tumbleweed is installed AND roundcubemail-1.2.3-1.1 is installed
BACK