CVE-2012-4730

Published: 11 November 2012

Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.

Priority

Status

Package	Release	Status
request-tracker3.8 Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Released (3.8.7-1ubuntu2.3)
	oneiric	Released (3.8.10-1ubuntu0.1)
	precise	Released (3.8.11-1ubuntu0.1)
	quantal	Does not exist
	raring	Does not exist
	saucy	Does not exist
	trusty	Does not exist
	upstream	Released (3.8.8-7+squeeze6)
	utopic	Does not exist
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
request-tracker4 Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Does not exist
	oneiric	Ignored (end of life)
	precise	Ignored (end of life)
	quantal	Ignored (end of life)
	raring	Not vulnerable (4.0.7-2)
	saucy	Not vulnerable (4.0.7-2)
	trusty	Does not exist (trusty was not-affected [4.0.7-2])
	upstream	Released (4.0.7-2)
	utopic	Not vulnerable (4.0.7-2)
	vivid	Not vulnerable (4.0.7-2)
	wily	Not vulnerable (4.0.7-2)
	xenial	Not vulnerable (4.0.7-2)
	yakkety	Not vulnerable (4.0.7-2)
	zesty	Not vulnerable (4.0.7-2)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2012-4730

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading