Candidate: CVE-2011-4078
PublicDate: 2011-11-03 15:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4078
 http://openwall.com/lists/oss-security/2011/10/26/6
Description:
 include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7
 or 5.3.8 is used, allows remote attackers to trigger a GET request for an
 arbitrary URL, and cause a denial of service (resource consumption and
 inbox outage), via a Subject header containing only a URL, a related issue
 to CVE-2011-3379.
Ubuntu-Description:
Notes:
 mdeslaur> related issue to CVE-2011-3379
Bugs:
 http://trac.roundcube.net/ticket/1488086
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_roundcube:
upstream_roundcube: released (0.6)
hardy_roundcube: ignored (reached end-of-life)
lucid_roundcube: ignored (reached end-of-life)
maverick_roundcube: ignored (reached end-of-life)
natty_roundcube: ignored (reached end-of-life)
oneiric_roundcube: ignored (reached end-of-life)
precise_roundcube: ignored (reached end-of-life)
precise/esm_roundcube: DNE (precise was needed)
quantal_roundcube: ignored (reached end-of-life)
raring_roundcube: ignored (reached end-of-life)
saucy_roundcube: ignored (reached end-of-life)
trusty_roundcube: ignored (reached end-of-life)
trusty/esm_roundcube: DNE (trusty was not-affected)
utopic_roundcube: ignored (reached end-of-life)
vivid_roundcube: ignored (reached end-of-life)
vivid/stable-phone-overlay_roundcube: DNE
vivid/ubuntu-core_roundcube: DNE
wily_roundcube: ignored (reached end-of-life)
xenial_roundcube: ignored (end of standard support, was not-affected)
yakkety_roundcube: ignored (reached end-of-life)
zesty_roundcube: ignored (reached end-of-life)
artful_roundcube: ignored (reached end-of-life)
bionic_roundcube: not-affected (1.3.6+dfsg.1-1)
cosmic_roundcube: ignored (reached end-of-life)
disco_roundcube: ignored (reached end-of-life)
eoan_roundcube: ignored (reached end-of-life)
focal_roundcube: not-affected (1.4.3+dfsg.1-1)
groovy_roundcube: ignored (reached end-of-life)
hirsute_roundcube: ignored (reached end-of-life)
impish_roundcube: not-affected (1.4.11+dfsg.1-4)
jammy_roundcube: not-affected (1.5.0+dfsg.1-2)
devel_roundcube: not-affected (1.5.0+dfsg.1-2)