CVE-2014-9472

EPSS 0.88%
Published 09.03.2015 14:59:02
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Debian ≫ Debian Linux Version7.0

Fedoraproject ≫ Fedora Version21

Fedoraproject ≫ Fedora Version22

Bestpractical ≫ Request Tracker Version3.6.8

Bestpractical ≫ Request Tracker Version3.6.10

Bestpractical ≫ Request Tracker Version3.6.11

Bestpractical ≫ Request Tracker Version3.8.3

Bestpractical ≫ Request Tracker Version3.8.4

Bestpractical ≫ Request Tracker Version3.8.7

Bestpractical ≫ Request Tracker Version3.8.9

Bestpractical ≫ Request Tracker Version3.8.10

Bestpractical ≫ Request Tracker Version3.8.11

Bestpractical ≫ Request Tracker Version3.8.12

Bestpractical ≫ Request Tracker Version3.8.13

Bestpractical ≫ Request Tracker Version3.8.14

Bestpractical ≫ Request Tracker Version3.8.15

Bestpractical ≫ Request Tracker Version3.8.16

Bestpractical ≫ Request Tracker Version3.8.17

Bestpractical ≫ Request Tracker Version4.0.0

Bestpractical ≫ Request Tracker Version4.0.1

Bestpractical ≫ Request Tracker Version4.0.2

Bestpractical ≫ Request Tracker Version4.0.3

Bestpractical ≫ Request Tracker Version4.0.4

Bestpractical ≫ Request Tracker Version4.0.5

Bestpractical ≫ Request Tracker Version4.0.6

Bestpractical ≫ Request Tracker Version4.0.7

Bestpractical ≫ Request Tracker Version4.0.8

Bestpractical ≫ Request Tracker Version4.0.9

Bestpractical ≫ Request Tracker Version4.0.10

Bestpractical ≫ Request Tracker Version4.0.11

Bestpractical ≫ Request Tracker Version4.0.12

Bestpractical ≫ Request Tracker Version4.0.13

Bestpractical ≫ Request Tracker Version4.0.14

Bestpractical ≫ Request Tracker Version4.0.15

Bestpractical ≫ Request Tracker Version4.0.16

Bestpractical ≫ Request Tracker Version4.0.17

Bestpractical ≫ Request Tracker Version4.0.18

Bestpractical ≫ Request Tracker Version4.0.19

Bestpractical ≫ Request Tracker Version4.0.20

Bestpractical ≫ Request Tracker Version4.0.21

Bestpractical ≫ Request Tracker Version4.0.22

Bestpractical ≫ Request Tracker Version4.2.0

Bestpractical ≫ Request Tracker Version4.2.1

Bestpractical ≫ Request Tracker Version4.2.2

Bestpractical ≫ Request Tracker Version4.2.3

Bestpractical ≫ Request Tracker Version4.2.4

Bestpractical ≫ Request Tracker Version4.2.5

Bestpractical ≫ Request Tracker Version4.2.6

Bestpractical ≫ Request Tracker Version4.2.7

Bestpractical ≫ Request Tracker Version4.2.8

Bestpractical ≫ Request Tracker Version4.2.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.88%	0.742

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154213.html

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154047.html

Third Party Advisory

http://www.debian.org/security/2015/dsa-3176

Third Party Advisory

http://www.securityfocus.com/bid/72832

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2014-9472

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-9472

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-9472

EUVD