Candidate: CVE-2012-4730
PublicDate: 2012-11-11 13:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4730
 http://www.debian.org/security/2012/dsa-2567
Description:
 Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows
 remote authenticated users with ModifySelf or AdminUser privileges to
 inject arbitrary email headers and conduct phishing attacks or obtain
 sensitive information via unknown vectors.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_request-tracker4:
upstream_request-tracker4: released (4.0.7-2)
hardy_request-tracker4: DNE
lucid_request-tracker4: DNE
oneiric_request-tracker4: ignored (reached end-of-life)
precise_request-tracker4: ignored (reached end-of-life)
precise/esm_request-tracker4: DNE (precise was needed)
quantal_request-tracker4: ignored (reached end-of-life)
raring_request-tracker4: not-affected (4.0.7-2)
saucy_request-tracker4: not-affected (4.0.7-2)
trusty_request-tracker4: not-affected (4.0.7-2)
trusty/esm_request-tracker4: DNE (trusty was not-affected [4.0.7-2])
utopic_request-tracker4: not-affected (4.0.7-2)
vivid_request-tracker4: not-affected (4.0.7-2)
vivid/stable-phone-overlay_request-tracker4: DNE
vivid/ubuntu-core_request-tracker4: DNE
wily_request-tracker4: not-affected (4.0.7-2)
xenial_request-tracker4: not-affected (4.0.7-2)
yakkety_request-tracker4: not-affected (4.0.7-2)
zesty_request-tracker4: not-affected (4.0.7-2)
devel_request-tracker4: not-affected (4.0.7-2)

Patches_request-tracker3.8:
upstream_request-tracker3.8: released (3.8.8-7+squeeze6)
hardy_request-tracker3.8: DNE
lucid_request-tracker3.8: released (3.8.7-1ubuntu2.3)
oneiric_request-tracker3.8: released (3.8.10-1ubuntu0.1)
precise_request-tracker3.8: released (3.8.11-1ubuntu0.1)
precise/esm_request-tracker3.8: DNE (precise was released [3.8.11-1ubuntu0.1])
quantal_request-tracker3.8: DNE
raring_request-tracker3.8: DNE
saucy_request-tracker3.8: DNE
trusty_request-tracker3.8: DNE
trusty/esm_request-tracker3.8: DNE
utopic_request-tracker3.8: DNE
vivid_request-tracker3.8: DNE
vivid/stable-phone-overlay_request-tracker3.8: DNE
vivid/ubuntu-core_request-tracker3.8: DNE
wily_request-tracker3.8: DNE
xenial_request-tracker3.8: DNE
yakkety_request-tracker3.8: DNE
zesty_request-tracker3.8: DNE
devel_request-tracker3.8: DNE