CVE-2010-0464

EPSS 0.26%

Published: 1/29/2010Modified: 5/29/2026

Also known as:DEBIAN-CVE-2010-0464

Description

Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests.

Affected packages (1)

Debian/roundcubefrom 0, < 0.3.1-3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-0464