Description
Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG client.
References (2)
Core 2
Core References
Various Sources mailing-list
x_refsource_mlist
http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2012/dsa-2567
Scores
EPSS
0.0157
EPSS Percentile
72.3%
Details
CWE
CWE-94
Status
published
Products (16)
bestpractical/rt
3.8.0 (5 CPE variants)
bestpractical/rt
3.8.1 (7 CPE variants)
bestpractical/rt
3.8.2 (3 CPE variants)
bestpractical/rt
3.8.3 (3 CPE variants)
bestpractical/rt
3.8.4 (2 CPE variants)
bestpractical/rt
3.8.5
bestpractical/rt
3.8.6 (2 CPE variants)
bestpractical/rt
3.8.7 (2 CPE variants)
bestpractical/rt
3.8.8 (4 CPE variants)
bestpractical/rt
3.8.9 (4 CPE variants)
... and 6 more
Published
Nov 11, 2012
Tracked Since
Feb 18, 2026