CVE-2015-5383

Published: 23 May 2017

Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
roundcube
Launchpad, Ubuntu, Debian
Upstream
Released (1.1.2)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(1.2~beta+dfsg.1-0ubuntu1)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(1.2~beta+dfsg.1-0ubuntu1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)