Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4730

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2012-4730
Last Modified 12 Nov 2012 12:00:00
Published 11 Nov 2012 08:00:59
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-4730

Summary

Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.

Vulnerable Systems

Application

  • Bestpractical Rt 3.8.0

  • Bestpractical Rt 3.8.1

  • Bestpractical Rt 3.8.10

  • Bestpractical Rt 3.8.11

  • Bestpractical Rt 3.8.12

  • Bestpractical Rt 3.8.13

  • Bestpractical Rt 3.8.14

  • Bestpractical Rt 3.8.2

  • Bestpractical Rt 3.8.3

  • Bestpractical Rt 3.8.4

  • Bestpractical Rt 3.8.5

  • Bestpractical Rt 3.8.6

  • Bestpractical Rt 3.8.7

  • Bestpractical Rt 3.8.8

  • Bestpractical Rt 3.8.9

  • Bestpractical Rt 4.0.0

  • Bestpractical Rt 4.0.1

  • Bestpractical Rt 4.0.2

  • Bestpractical Rt 4.0.3

  • Bestpractical Rt 4.0.4

  • Bestpractical Rt 4.0.5

  • Bestpractical Rt 4.0.6

  • Bestpractical Rt 4.0.7

  • Bestpractical Rt 4.0.8


References

MLIST - [rt-announce] 20121025 Security vulnerabilities in RT


Last Updated: 27 May 2016 10:58:27