CVE-2011-1492
Published 2011-04-08. CVE-2011-1492: steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets…
Priority: P428 · medium · 5.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
EPSS: 1.76% (75.2nd percentile)
steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets (CSS) stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain sensitive information, via a crafted request.
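The weakness described above is a server-side request relay: the `modcss` handler accepts a stylesheet location from the client and fetches it with the webmail server's own network access, so any logged-in user can make the server open a TCP connection to any host and port the server can reach. The PHP below is an added example, not Roundcube's code and not the 0.5.1 patch (changeset 4488, linked on this page). It contrasts the vulnerable shape with a hardened one that never takes a URL from the request at all: stylesheet URLs that pass a policy check are recorded by the server while the message HTML is sanitised, and the handler only accepts the opaque key it issued. The function names, the `$session['modcss']` layout, the 32-hex-character key format and the sample URLs are all hypothetical choices for this example.

```php
<?php
// Added example, not Roundcube's code. Models the request shape behind
// CVE-2011-1492 (a handler that fetches a client-named stylesheet URL) next
// to a hardened handler keyed to server-recorded URLs. Function names, the
// session layout and the key format are hypothetical.
declare(strict_types=1);

// Vulnerable shape: the URL comes straight from the request, so the webmail
// host will connect to whatever the authenticated user names.
function modcss_vulnerable(array $get, callable $fetch): ?string
{
    $url = $get['_u'] ?? '';
    return $url === '' ? null : $fetch($url);
}

// Policy for stylesheet URLs: http(s) only, default ports only, no
// credentials, no literal loopback/private/reserved addresses.
// Caveat: hostnames are not resolved here; production code must resolve the
// name and re-check the resulting address right before connecting.
function is_allowed_css_url(string $url): bool
{
    $p = parse_url($url);
    if ($p === false || !isset($p['scheme'], $p['host'])) {
        return false;
    }
    $scheme = strtolower($p['scheme']);
    if (!in_array($scheme, ['http', 'https'], true)) {
        return false;
    }
    if (isset($p['user']) || isset($p['pass'])) {
        return false;
    }
    $port = $p['port'] ?? ($scheme === 'https' ? 443 : 80);
    if ($port !== 80 && $port !== 443) {
        return false;
    }
    $host = strtolower(trim($p['host'], '[]'));   // strip IPv6 brackets
    if ($host === 'localhost') {
        return false;
    }
    if (filter_var($host, FILTER_VALIDATE_IP) !== false) {
        return filter_var($host, FILTER_VALIDATE_IP,
            FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false;
    }
    return true;
}

// Hardened step 1: while sanitising message HTML, each external stylesheet
// that passes the policy is stored under a random key; the rendered <link>
// href becomes "?_task=utils&_action=modcss&_u=<key>" (hypothetical layout).
function register_external_css(array &$session, string $url): ?string
{
    if (!is_allowed_css_url($url)) {
        return null;                      // the <link> is dropped, not proxied
    }
    $key = bin2hex(random_bytes(16));
    $session['modcss'][$key] = $url;
    return $key;
}

// Hardened step 2: the handler accepts only a key it issued. A raw URL, an
// unknown key or a malformed key is refused before any connection is made.
function modcss_hardened(array $get, array $session, callable $fetch): ?string
{
    $key = (string) ($get['_u'] ?? '');
    if (!preg_match('/^[0-9a-f]{32}$/', $key)) {
        return null;
    }
    $url = $session['modcss'][$key] ?? null;
    if (!is_string($url) || !is_allowed_css_url($url)) {
        return null;
    }
    return $fetch($url);
}

// Demo with a fake fetcher that records URLs instead of connecting anywhere.
$requested = [];
$fetch = function (string $url) use (&$requested): string {
    $requested[] = $url;
    return "/* stylesheet body from $url */";
};

$session = [];
$attack  = ['_u' => 'http://127.0.0.1:6379/'];   // constructed crafted request

modcss_vulnerable($attack, $fetch);                // relays it to the internal target
modcss_hardened($attack, $session, $fetch);        // refused: not an issued key

$key = register_external_css($session, 'https://cdn.example/theme.css');
modcss_hardened(['_u' => $key], $session, $fetch); // served
$dropped = register_external_css($session, 'http://10.0.0.5:8080/x.css');

printf("vulnerable handler fetched: %s\n", $requested[0]);
printf("hardened handler fetched:   %s\n", $requested[1]);
printf("private target registered:  %s\n", $dropped === null ? 'no' : 'yes');
```

Run it with `php modcss_example.php`; the vulnerable handler records the loopback URL, while the hardened handler only ever fetches the CDN stylesheet it registered itself and the private-range stylesheet is never registered. The key indirection is what removes the attacker's control over the target; the URL policy is defence in depth for the case where a message legitimately links a stylesheet on an address the server should not contact.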
Affected
12 ranges (identical rows without a version range collapsed to one)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | roundcube | < 0.5.1-1 (bookworm) | 0.5.1-1 (bookworm) |
| roundcube | webmail | <= 0.5 | — |
| roundcube | webmail | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 5.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:N |
| osv | — | 5.5 | MEDIUM | — |
| vendor_debian | — | 5.5 | MEDIUM | — |
Debian
CVE-2011-1492: roundcube - steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verif...
vendor_debian · 2011 · CVSS 5.5 · [MEDIUM]
Description: identical to the NVD text above.
Scope: local
bookworm: resolved (fixed in 0.5.1-1)
bullseye: resolved (fixed in 0.5.1-1)
forky: resolved (fixed in 0.5.1-1)
sid: resolved (fixed in 0.5.1-1)
trixie: resolved (fixed in 0.5.1-1)
GHSA
GHSA-r646-w9ph-62w9: steps/utils/modcss
ghsa_unreviewed · 2022-05-17 · [MEDIUM] · CWE-20
Description: identical to the NVD text above.
OSV
CVE-2011-1492: steps/utils/modcss
osv · 2011-04-08 · CVSS 5.5 · [MEDIUM]
Description: identical to the NVD text above.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-1491 CVE-2011-1492 roundcubemail: v0.5.1 two security fixes
bugzilla · 2011-03-24 · CVE-2011-1491 [LOW] · CVSS 3.5
Roundcube Webmail upstream has released v0.5.1 version:
[1] http://trac.roundcube.net/wiki/Changelog
which adds one security hardening:
1), Security: add optional referer check to prevent CSRF in GET requests
Relevant patches:
[2] http://trac.roundcube.net/changeset/4503
[3] http://trac.roundcube.net/changeset/4504
and fixes two security flaws:
2), Security: protect login form submission from CSRF
Relevant patch:
[4] http://trac.roundcube.net/changeset/4490
3), Security: prevent from relaying malicious requests through modcss.inc
Relevant patch:
[5] http://trac.roundcube.net/changeset/4488
References:
[6] http://www.openwall.com/lists/oss-security/2011/03/24/3
(CVE Request)
[7] http://roundcube.net/news
[8] http://sou
Bugzilla
CVE-2011-1491 CVE-2011-1492 roundcubemail: v0.5.1 two security fixes [epel-6]
bugzilla · 2011-03-24 · CVE-2011-1491 [LOW] · CVSS 3.5
epel-6 tracking bug for roundcubemail: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
roundcubemail-0.7.2-2.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/roundcubemail-0.7.2-2.fc15
---
roundcubemail-0.7.2-2.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/roundcubemail-0.7.2-2.fc16
---
roundcubemail-0.7.2-2.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/roundcubemail-0.7.2-2.el6
---
Package round
Bugzilla
CVE-2011-1491 CVE-2011-1492 roundcubemail: v0.5.1 two security fixes [fedora-all]
bugzilla · 2011-03-24 · CVE-2011-1491 [LOW] · CVSS 3.5
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=690456
Please note: this issue affects m
References
- http://openwall.com/lists/oss-security/2011/03/24/3
- http://openwall.com/lists/oss-security/2011/03/24/4
- http://openwall.com/lists/oss-security/2011/04/04/50
- http://secunia.com/advisories/44050
- http://trac.roundcube.net/changeset/4488
- http://trac.roundcube.net/wiki/Changelog
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66613
Published: 2011-04-08