oval:org.mitre.oval:def:19395

Definition Id: oval:org.mitre.oval:def:19395
 
Oval ID: oval:org.mitre.oval:def:19395
Title: DSA-2787-1 roundcube - design error
Description: It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitise the _session parameter in steps/utils/save_pref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allowing random file access, manipulated SQL queries and even code execution.
Family: unix Class: patch
Reference(s): DSA-2787-1
CVE-2013-6172
Version: 5
Platform(s): Debian GNU/Linux 7
Debian GNU/kFreeBSD 7
Product(s): roundcube
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19338
 
Oval ID: oval:org.mitre.oval:def:19338
Title: Debian 7 is installed
Description: Debian 7 (wheezy) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian:7
Version: 7
Platform(s): Debian 7
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:19395
Definition Id: oval:org.mitre.oval:def:24894
 
Oval ID: oval:org.mitre.oval:def:24894
Title: Debian GNU/Linux is installed
Description: Debian GNU/Linux is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux
Version: 3
Platform(s): Debian GNU/Linux
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:19395
Definition Id: oval:org.mitre.oval:def:24698
 
Oval ID: oval:org.mitre.oval:def:24698
Title: Debian GNU/kFreeBSD is installed
Description: Debian GNU/kFreeBSD is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/kfreebsd
Version: 3
Platform(s): Debian GNU/kFreeBSD
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:19395