Fluid Attacks Database

Description

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service (loss of e-mail readability), via an e-mail message to a queue's address.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	request-tracker4	>=0 <4.0.7-2	4.0.7-2
debian 11	request-tracker4	>=0 <4.0.7-2	4.0.7-2

Aliases

1. CVE-2012-65792. NVD-2012-65793. OSV-DEBIAN-2012-65794. OSV-2012-65795. SECURITY-TRACKER-CVE-2012-6579

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.