Candidate: CVE-2012-1253
PublicDate: 2012-06-04 15:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1253
 http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.7/
 http://jvndb.jvn.jp/jvndb/JVNDB-2012-000050
 http://jvn.jp/en/jp/JVN21422837/index.html
Description:
 Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7,
 when Internet Explorer is used, allows remote attackers to inject arbitrary
 web script or HTML via vectors involving an embedded image attachment.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_roundcube:
upstream_roundcube: released (0.7)
hardy_roundcube: ignored (reached end-of-life)
lucid_roundcube: ignored (reached end-of-life)
natty_roundcube: ignored (reached end-of-life)
oneiric_roundcube: ignored (reached end-of-life)
precise_roundcube: not-affected (0.7.1-2)
quantal_roundcube: not-affected (0.7.2-1)
raring_roundcube: not-affected (0.7.2-1)
saucy_roundcube: not-affected (0.7.2-1)
devel_roundcube: not-affected (0.7.2-1)