CVE-2012-4884

Request Tracker <4.0.8 - Command Injection

Title source: llm
STIX 2.1

Description

Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG client.

References (2)

Core 2
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2567

Scores

EPSS 0.0157
EPSS Percentile 72.3%

Details

CWE
CWE-94
Status published
Products (16)
bestpractical/rt 3.8.0 (5 CPE variants)
bestpractical/rt 3.8.1 (7 CPE variants)
bestpractical/rt 3.8.2 (3 CPE variants)
bestpractical/rt 3.8.3 (3 CPE variants)
bestpractical/rt 3.8.4 (2 CPE variants)
bestpractical/rt 3.8.5
bestpractical/rt 3.8.6 (2 CPE variants)
bestpractical/rt 3.8.7 (2 CPE variants)
bestpractical/rt 3.8.8 (4 CPE variants)
bestpractical/rt 3.8.9 (4 CPE variants)
... and 6 more
Published Nov 11, 2012
Tracked Since Feb 18, 2026