Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-2085
HistoryJun 04, 2012 - 12:00 a.m.

CVE-2011-2085

2012-06-0400:00:00
ubuntu.com
ubuntu.com
10

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.1%

Multiple cross-site request forgery (CSRF) vulnerabilities in Best
Practical Solutions RT before 3.8.12 and 4.x before 4.0.6 allow remote
attackers to hijack the authentication of arbitrary users.

Bugs

Notes

Author Note
jdstrand regressions found in DSA-2480 (see bugs)
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchrequest-tracker3.8< 3.8.7-1ubuntu2.3UNKNOWN
ubuntu11.10noarchrequest-tracker3.8< 3.8.10-1ubuntu0.1UNKNOWN
ubuntu12.04noarchrequest-tracker3.8< 3.8.11-1ubuntu0.1UNKNOWN

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.1%

Related for UB:CVE-2011-2085