Lucene search

MitreCVE-2014-9472

HistoryMar 09, 2015 - 2:59 p.m.

CVE-2014-9472

2015-03-0914:59:02

CWE-399

mitre

web.nvd.nist.gov

email gateway

remote attackers

denial of service

crafted email

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

Confidence

High

EPSS

0.014

Percentile

86.6%

JSON

The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.

Affected configurations

Nvd

Node

debiandebian_linuxMatch7.0

Node

fedoraprojectfedoraMatch21

fedoraprojectfedoraMatch22

Node

bestpracticalrequest_trackerMatch3.6.8

bestpracticalrequest_trackerMatch3.6.10

bestpracticalrequest_trackerMatch3.6.11

bestpracticalrequest_trackerMatch3.8.3

bestpracticalrequest_trackerMatch3.8.4

bestpracticalrequest_trackerMatch3.8.7

bestpracticalrequest_trackerMatch3.8.9

bestpracticalrequest_trackerMatch3.8.10

bestpracticalrequest_trackerMatch3.8.11

bestpracticalrequest_trackerMatch3.8.12

bestpracticalrequest_trackerMatch3.8.13

bestpracticalrequest_trackerMatch3.8.14

bestpracticalrequest_trackerMatch3.8.15

bestpracticalrequest_trackerMatch3.8.16

bestpracticalrequest_trackerMatch3.8.17

bestpracticalrequest_trackerMatch4.0.0

bestpracticalrequest_trackerMatch4.0.1

bestpracticalrequest_trackerMatch4.0.2

bestpracticalrequest_trackerMatch4.0.3

bestpracticalrequest_trackerMatch4.0.4

bestpracticalrequest_trackerMatch4.0.5

bestpracticalrequest_trackerMatch4.0.6

bestpracticalrequest_trackerMatch4.0.7

bestpracticalrequest_trackerMatch4.0.8

bestpracticalrequest_trackerMatch4.0.9

bestpracticalrequest_trackerMatch4.0.10

bestpracticalrequest_trackerMatch4.0.11

bestpracticalrequest_trackerMatch4.0.12

bestpracticalrequest_trackerMatch4.0.13

bestpracticalrequest_trackerMatch4.0.14

bestpracticalrequest_trackerMatch4.0.15

bestpracticalrequest_trackerMatch4.0.16

bestpracticalrequest_trackerMatch4.0.17

bestpracticalrequest_trackerMatch4.0.18

bestpracticalrequest_trackerMatch4.0.19

bestpracticalrequest_trackerMatch4.0.20

bestpracticalrequest_trackerMatch4.0.21

bestpracticalrequest_trackerMatch4.0.22

bestpracticalrequest_trackerMatch4.2.0

bestpracticalrequest_trackerMatch4.2.1

bestpracticalrequest_trackerMatch4.2.2

bestpracticalrequest_trackerMatch4.2.3

bestpracticalrequest_trackerMatch4.2.4

bestpracticalrequest_trackerMatch4.2.5

bestpracticalrequest_trackerMatch4.2.6

bestpracticalrequest_trackerMatch4.2.7

bestpracticalrequest_trackerMatch4.2.8

bestpracticalrequest_trackerMatch4.2.9

VendorProductVersionCPE
debiandebian_linux7.0cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
fedoraprojectfedora21cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
fedoraprojectfedora22cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.6.8cpe:2.3:a:bestpractical:request_tracker:3.6.8:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.6.10cpe:2.3:a:bestpractical:request_tracker:3.6.10:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.6.11cpe:2.3:a:bestpractical:request_tracker:3.6.11:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.3cpe:2.3:a:bestpractical:request_tracker:3.8.3:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.4cpe:2.3:a:bestpractical:request_tracker:3.8.4:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.7cpe:2.3:a:bestpractical:request_tracker:3.8.7:*:*:*:*:*:*:*
bestpracticalrequest_tracker3.8.9cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
debian	debian_linux	7.0	cpe:2.3:o:debian:debian_linux:7.0:::::::*
fedoraproject	fedora	21	cpe:2.3:o:fedoraproject:fedora:21:::::::*
fedoraproject	fedora	22	cpe:2.3:o:fedoraproject:fedora:22:::::::*
bestpractical	request_tracker	3.6.8	cpe:2.3:a:bestpractical:request_tracker:3.6.8:::::::*
bestpractical	request_tracker	3.6.10	cpe:2.3:a:bestpractical:request_tracker:3.6.10:::::::*
bestpractical	request_tracker	3.6.11	cpe:2.3:a:bestpractical:request_tracker:3.6.11:::::::*
bestpractical	request_tracker	3.8.3	cpe:2.3:a:bestpractical:request_tracker:3.8.3:::::::*
bestpractical	request_tracker	3.8.4	cpe:2.3:a:bestpractical:request_tracker:3.8.4:::::::*
bestpractical	request_tracker	3.8.7	cpe:2.3:a:bestpractical:request_tracker:3.8.7:::::::*
bestpractical	request_tracker	3.8.9	cpe:2.3:a:bestpractical:request_tracker:3.8.9:::::::*