FreeBSD : roundcube -- remote execution of arbitrary code (8f483746-d45d-11dd-84ec-001fc66e7203)
Critical Nessus Plugin ID 35285
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionEntry for CVE-2008-5619 says :
html2text.php in RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta allows remote attackers to execute arbitrary code via crafted input that is processed by the preg_replace function with the eval switch.
SolutionUpdate the affected package.