FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

roundcube -- remote execution of arbitrary code

Affected packages
roundcube < 0.2.b2,1

Details

VuXML ID 8f483746-d45d-11dd-84ec-001fc66e7203
Discovery 2008-12-12
Entry 2008-12-30

Entry for CVE-2008-5619 says:

html2text.php in RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta allows remote attackers to execute arbitrary code via crafted input that is processed by the preg_replace function with the eval switch.

[source]

References

CVE Name CVE-2008-5619
URL http://trac.roundcube.net/ticket/1485618

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.