CVE-2012-4884
Published: 11 November 2012
Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG client.
Priority
Status
Package | Release | Status |
---|---|---|
request-tracker4 Launchpad, Ubuntu, Debian |
vivid |
Not vulnerable
(4.0.7-2)
|
hardy |
Does not exist
|
|
lucid |
Does not exist
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Not vulnerable
(4.0.7-2)
|
|
saucy |
Not vulnerable
(4.0.7-2)
|
|
trusty |
Does not exist
(trusty was not-affected [4.0.7-2])
|
|
upstream |
Released
(4.0.7-2)
|
|
utopic |
Not vulnerable
(4.0.7-2)
|
|
wily |
Not vulnerable
(4.0.7-2)
|
|
xenial |
Not vulnerable
(4.0.7-2)
|
|
yakkety |
Not vulnerable
(4.0.7-2)
|
|
zesty |
Not vulnerable
(4.0.7-2)
|
|
request-tracker3.8 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Released
(3.8.7-1ubuntu2.3)
|
|
oneiric |
Released
(3.8.10-1ubuntu0.1)
|
|
precise |
Released
(3.8.11-1ubuntu0.1)
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(3.8.8-7+squeeze6)
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|