CVE-2012-4884

Sažetak

Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG client.

Reference

http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html
http://www.debian.org/security/2012/dsa-2567

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

15-11-2012 - 05:00

Objavljeno

11-11-2012 - 13:00