RoundCube Webmail 'generic_message_footer' Value Arbitrary File Access Vulnerability

RoundCube Webmail is prone to an arbitrary file-access vulnerability.

An attacker can exploit this issue to read arbitrary files in the context of the web server process, which may aid in further attacks.

Versions prior to RoundCube Webmail 0.8.6 and 0.7.3 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus