SB2018041219 - Command injection in roundcubemail (Alpine package)
Published: April 12, 2018
Security Bulletin ID: SB2018041219
Severity: Medium
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Remote access
Highest impact: Data manipulation
Description
This security bulletin contains information about 1 security vulnerability.
1) Command injection (CVE-ID: CVE-2018-9846)
The vulnerability allows a remote attacker to execute arbitrary IMAP commands. The vulnerability exists in Roundcube because user-supplied data passed via the "_uid" HTTP GET parameter to the archive.php script is not properly sanitized before being used in an IMAP command. Because IMAP is a line-oriented protocol, a remote authenticated attacker can place "%0d%0a" (CRLF) characters in the parameter value and have whatever follows them processed as a separate IMAP command.
Successful exploitation of the vulnerability may allow an attacker to gain unauthorized access to the email messages of other users.
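The following Python example is added here to illustrate the vulnerability class described above; it is not Roundcube's code and does not reproduce the patched function. It shows why concatenating an unvalidated "_uid" value into an IMAP command line lets a CRLF split one command into two, the hardened form that only accepts a well-formed IMAP sequence set, and a simple detection over web-server access logs. The command format, the log lines and the parameter values are all constructed for this illustration.

```python
"""Added example (not Roundcube code): CRLF injection into a line-oriented
IMAP command, the validation that prevents it, and a log check to detect
attempts. All sample values below are constructed."""
import re
from urllib.parse import urlsplit, parse_qs

# IMAP sequence-set syntax (RFC 3501): numbers or '*', ranges with ':',
# lists with ','. Anything else, including CR or LF, is rejected.
_UID_SET_RE = re.compile(
    r'(\*|[0-9]+)(:(\*|[0-9]+))?(,(\*|[0-9]+)(:(\*|[0-9]+))?)*'
)


def is_valid_uid_set(value: str) -> bool:
    """True only if value is a syntactically valid IMAP sequence set."""
    return _UID_SET_RE.fullmatch(value) is not None


def build_uid_fetch_unsafe(tag: str, uid_param: str) -> str:
    """Vulnerable pattern: the HTTP parameter goes straight into the IMAP
    command. An embedded CRLF terminates this command and the remainder is
    parsed by the server as a further command."""
    return f"{tag} UID FETCH {uid_param} (FLAGS)\r\n"


def build_uid_fetch_safe(tag: str, uid_param: str) -> str:
    """Hardened form: refuse any value that is not a well-formed sequence set
    before it reaches the wire."""
    if not is_valid_uid_set(uid_param):
        raise ValueError("invalid _uid value")
    return f"{tag} UID FETCH {uid_param} (FLAGS)\r\n"


def count_imap_lines(wire: str) -> int:
    """Number of complete command lines an IMAP server would see."""
    return wire.count("\r\n")


# Detection: CR or LF inside the decoded _uid query parameter. parse_qs
# decodes one layer of percent-encoding, so %0d%0a becomes \r\n; a
# double-encoded %250d decodes to the literal text %0d and is caught too.
_CRLF_RE = re.compile(r'%0d|%0a|[\r\n]', re.IGNORECASE)


def suspicious_uid_requests(log_lines):
    """Return request paths (combined-log format) whose _uid contains CR/LF."""
    hits = []
    for line in log_lines:
        parts = line.split('"')
        if len(parts) < 2:
            continue
        fields = parts[1].split()  # e.g. 'GET /?_uid=17 HTTP/1.1'
        if len(fields) < 2:
            continue
        path = fields[1]
        for value in parse_qs(urlsplit(path).query).get("_uid", []):
            if _CRLF_RE.search(value):
                hits.append(path)
                break
    return hits


# Constructed access-log lines: one ordinary request and one carrying an
# encoded CRLF followed by a harmless IMAP NOOP.
SAMPLE_ACCESS_LOG = [
    '10.0.0.5 - - [12/Apr/2018:10:00:01 +0000] "GET /?_uid=17 HTTP/1.1" 200 512',
    '10.0.0.9 - - [12/Apr/2018:10:00:07 +0000] "GET /?_uid=17%0d%0aA2%20NOOP HTTP/1.1" 200 512',
]


if __name__ == "__main__":
    injected = "17\r\nA2 NOOP"
    print("unsafe builder produces", count_imap_lines(build_uid_fetch_unsafe("A1", injected)), "IMAP lines")
    try:
        build_uid_fetch_safe("A1", injected)
    except ValueError as exc:
        print("safe builder rejected the value:", exc)
    print("flagged requests:", suspicious_uid_requests(SAMPLE_ACCESS_LOG))
```

The regex-based allow-list is the important part: rejecting CR and LF alone is not enough for a parameter that is spliced into a protocol command, so the check accepts only the grammar the IMAP argument is supposed to have.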
Remediation
Install update from vendor's website.