FreeBSD : roundcube -- webmail script insertion and php code injection (35c0b572-125a-11de-a964-0030843d3802)
Medium severity. Nessus Plugin ID 35935

Synopsis
The remote FreeBSD host is missing a security-related update.

Description
Secunia reports:
Some vulnerabilities have been reported in RoundCube Webmail, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct script insertion attacks and compromise a vulnerable system.
The HTML 'background' attribute within e.g. HTML emails is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site if a malicious email is viewed.
Input passed via a vCard is not properly sanitised before being used in a call to 'preg_replace()' with the 'e' modifier in program/include/rcube_vcard.php. This can be exploited to inject and execute arbitrary PHP code by e.g. tricking a user into importing a malicious vCard file.
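The second issue is an instance of a general PHP anti-pattern: preg_replace() with the 'e' modifier evaluates the substituted replacement string as code. The following is an added illustration, not RoundCube's code; the regex, function names and vCard lines are made up, and it assumes PHP 7.4 or later for the fixed version.

```php
<?php
// Added illustration, not taken from program/include/rcube_vcard.php.
// The regex, function names and sample lines below are constructed.

// WEAK (historical): with the 'e' modifier, PHP substituted the backreferences
// into the replacement string and then eval'd the result as PHP. Only quotes,
// backslashes and NUL bytes in the captured text were escaped, so any other PHP
// syntax that landed inside the double-quoted string was interpreted as code.
// The modifier was deprecated in PHP 5.5 and removed in PHP 7.0, where this
// call only emits a warning and returns NULL.
function normalize_property_weak(string $line): ?string
{
    // Intended behaviour: upper-case the property name before the first ':'.
    // The capture is attacker-controlled file content pasted into eval'd code.
    return preg_replace('/^([^:]+):/e', 'strtoupper("\\1").":"', $line);
}

// FIXED: preg_replace_callback() hands the matches to a real PHP function.
// The captured text is treated as data, never as code, whatever it contains.
function normalize_property(string $line): string
{
    return preg_replace_callback(
        '/^([^:]+):/',
        static fn(array $m): string => strtoupper($m[1]) . ':',
        $line
    );
}

// Constructed vCard lines (not from the advisory) to exercise the fixed version.
$lines = [
    'fn:Alice Example',
    'tel;type=cell:+1-555-0100',
];
foreach ($lines as $l) {
    echo normalize_property($l), "\n";
}
```

When auditing older PHP code bases, grep for preg_replace() calls whose pattern carries an 'e' flag and replace each with preg_replace_callback(), as the RoundCube fix did for the vCard importer.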
Solution
Update the affected package.