Description

Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.

Remediation

References

CVE-2015-2181

Related Vulnerabilities

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-3690)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.21)

WordPress Plugin Social Sharing-Kiwi Security Bypass (2.1.0)

WordPress Plugin WP Reset-Most Advanced WordPress Reset Tool Cross-Site Scripting (1.86)

Drupal Core 7.x Cross-Site Request Forgery (7.0 - 7.12)

Severity

High

Classification

CVE-2015-2181 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities