4
CVE-2011-1008
- EPSS 1.53%
- Veröffentlicht 28.02.2011 16:00:01
- Zuletzt bearbeitet 16.06.2026 23:28:32
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information, related to SQL logging.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bestpractical ≫ Rt Updaterc3 Version <= 3.8.9
Bestpractical ≫ Rt Version1.0.0
Bestpractical ≫ Rt Version1.0.1
Bestpractical ≫ Rt Version1.0.2
Bestpractical ≫ Rt Version1.0.3
Bestpractical ≫ Rt Version1.0.4
Bestpractical ≫ Rt Version1.0.5
Bestpractical ≫ Rt Version1.0.6
Bestpractical ≫ Rt Version1.0.7
Bestpractical ≫ Rt Version2.0.0
Bestpractical ≫ Rt Version2.0.1
Bestpractical ≫ Rt Version2.0.2
Bestpractical ≫ Rt Version2.0.3
Bestpractical ≫ Rt Version2.0.4
Bestpractical ≫ Rt Version2.0.5
Bestpractical ≫ Rt Version2.0.5.1
Bestpractical ≫ Rt Version2.0.5.3
Bestpractical ≫ Rt Version2.0.6
Bestpractical ≫ Rt Version2.0.7
Bestpractical ≫ Rt Version2.0.8
Bestpractical ≫ Rt Version2.0.8.2
Bestpractical ≫ Rt Version2.0.9
Bestpractical ≫ Rt Version2.0.11
Bestpractical ≫ Rt Version2.0.12
Bestpractical ≫ Rt Version2.0.13
Bestpractical ≫ Rt Version2.0.14
Bestpractical ≫ Rt Version2.0.15
Bestpractical ≫ Rt Version3.0.0
Bestpractical ≫ Rt Version3.0.1
Bestpractical ≫ Rt Version3.0.2
Bestpractical ≫ Rt Version3.0.3
Bestpractical ≫ Rt Version3.0.4
Bestpractical ≫ Rt Version3.0.5
Bestpractical ≫ Rt Version3.0.6
Bestpractical ≫ Rt Version3.0.7
Bestpractical ≫ Rt Version3.0.7.1
Bestpractical ≫ Rt Version3.0.8
Bestpractical ≫ Rt Version3.0.9
Bestpractical ≫ Rt Version3.0.10
Bestpractical ≫ Rt Version3.0.11
Bestpractical ≫ Rt Version3.0.12
Bestpractical ≫ Rt Version3.2.0
Bestpractical ≫ Rt Version3.2.1
Bestpractical ≫ Rt Version3.2.2
Bestpractical ≫ Rt Version3.2.3
Bestpractical ≫ Rt Version3.4.0
Bestpractical ≫ Rt Version3.4.1
Bestpractical ≫ Rt Version3.4.2
Bestpractical ≫ Rt Version3.4.3
Bestpractical ≫ Rt Version3.4.4
Bestpractical ≫ Rt Version3.4.5
Bestpractical ≫ Rt Version3.4.6
Bestpractical ≫ Rt Version3.6.0
Bestpractical ≫ Rt Version3.6.1
Bestpractical ≫ Rt Version3.6.2
Bestpractical ≫ Rt Version3.6.3
Bestpractical ≫ Rt Version3.6.4
Bestpractical ≫ Rt Version3.6.5
Bestpractical ≫ Rt Version3.6.6
Bestpractical ≫ Rt Version3.6.7
Bestpractical ≫ Rt Version3.6.8
Bestpractical ≫ Rt Version3.6.9
Bestpractical ≫ Rt Version3.8.0
Bestpractical ≫ Rt Version3.8.1
Bestpractical ≫ Rt Version3.8.2
Bestpractical ≫ Rt Version3.8.3
Bestpractical ≫ Rt Version3.8.4
Bestpractical ≫ Rt Version3.8.5
Bestpractical ≫ Rt Version3.8.6
Bestpractical ≫ Rt Version3.8.6 Updaterc1
Bestpractical ≫ Rt Version3.8.7 Updaterc1
Bestpractical ≫ Rt Version3.8.8 Updaterc2
Bestpractical ≫ Rt Version3.8.8 Updaterc3
Bestpractical ≫ Rt Version3.8.8 Updaterc4
Bestpractical ≫ Rt Version3.8.9 Updaterc1
Bestpractical ≫ Rt Version3.8.9 Updaterc2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.53% | 0.715 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
http://secunia.com/advisories/43438
http://www.vupen.com/english/advisories/2011/0475
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
http://lists.bestpractical.com/pipermail/rt-announce/2011-February/000186.html
http://openwall.com/lists/oss-security/2011/02/22/12
http://openwall.com/lists/oss-security/2011/02/22/16
http://openwall.com/lists/oss-security/2011/02/22/6
http://openwall.com/lists/oss-security/2011/02/23/22
http://openwall.com/lists/oss-security/2011/02/24/7
http://openwall.com/lists/oss-security/2011/02/24/8
http://openwall.com/lists/oss-security/2011/02/24/9
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614576
http://osvdb.org/71011
https://exchange.xforce.ibmcloud.com/vulnerabilities/65772
https://github.com/bestpractical/rt/commit/2338cd19ed7a7f4c1e94f639ab2789d6586d01f3