VDB

DEBIAN-CVE-2010-0464

DEBIAN-CVE-2010-0464 PUBLISHED

Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests.

Affected Products

VendorProductVersions
Debian:12roundcube0, 0, 0
Debian:11roundcube0, 0, 0
Debian:13roundcube0, 0, 0
Debian:14roundcube0

Timeline

  • Jan 29, 2010 CVE Published
  • May 10, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›