ubuntu · CVE-2011-5093

Quick triage

Priority: medium Published: 2012-06-04 19:55:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2011-5093 medium priority: Ubuntu including 3 source packages (request-tracker3.6, request-tracker3.8, request-tracker4), 48 status rows across 16 suites (hardy, lucid, natty, oneiric, precise, quantal, raring, saucy, trusty, upstream, utopic, vivid, wily, xenial, yakkety, zesty): DNE 29, not-affected 14, ignored 3, needs-triage 1, released 1.

Description:

Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arbitrary code by leveraging access to a privileged account, a different vulnerability than CVE-2011-4458 and CVE-2011-5092.

cvelogic Threat Intelligence