CVE-2011-1008
28.02.2011, 16:00
Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information, related to SQL logging.Enginsight
Vendor | Product | Version |
---|---|---|
bestpractical | rt | 𝑥 ≤ 3.8.9 |
bestpractical | rt | 1.0.0 |
bestpractical | rt | 1.0.1 |
bestpractical | rt | 1.0.2 |
bestpractical | rt | 1.0.3 |
bestpractical | rt | 1.0.4 |
bestpractical | rt | 1.0.5 |
bestpractical | rt | 1.0.6 |
bestpractical | rt | 1.0.7 |
bestpractical | rt | 2.0.0 |
bestpractical | rt | 2.0.1 |
bestpractical | rt | 2.0.2 |
bestpractical | rt | 2.0.3 |
bestpractical | rt | 2.0.4 |
bestpractical | rt | 2.0.5 |
bestpractical | rt | 2.0.5.1 |
bestpractical | rt | 2.0.5.3 |
bestpractical | rt | 2.0.6 |
bestpractical | rt | 2.0.7 |
bestpractical | rt | 2.0.8 |
bestpractical | rt | 2.0.8.2 |
bestpractical | rt | 2.0.9 |
bestpractical | rt | 2.0.11 |
bestpractical | rt | 2.0.12 |
bestpractical | rt | 2.0.13 |
bestpractical | rt | 2.0.14 |
bestpractical | rt | 2.0.15 |
bestpractical | rt | 3.0.0 |
bestpractical | rt | 3.0.1 |
bestpractical | rt | 3.0.2 |
bestpractical | rt | 3.0.3 |
bestpractical | rt | 3.0.4 |
bestpractical | rt | 3.0.5 |
bestpractical | rt | 3.0.6 |
bestpractical | rt | 3.0.7 |
bestpractical | rt | 3.0.7.1 |
bestpractical | rt | 3.0.8 |
bestpractical | rt | 3.0.9 |
bestpractical | rt | 3.0.10 |
bestpractical | rt | 3.0.11 |
bestpractical | rt | 3.0.12 |
bestpractical | rt | 3.2.0 |
bestpractical | rt | 3.2.1 |
bestpractical | rt | 3.2.2 |
bestpractical | rt | 3.2.3 |
bestpractical | rt | 3.4.0 |
bestpractical | rt | 3.4.1 |
bestpractical | rt | 3.4.2 |
bestpractical | rt | 3.4.3 |
bestpractical | rt | 3.4.4 |
bestpractical | rt | 3.4.5 |
bestpractical | rt | 3.4.6 |
bestpractical | rt | 3.6.0 |
bestpractical | rt | 3.6.1 |
bestpractical | rt | 3.6.2 |
bestpractical | rt | 3.6.3 |
bestpractical | rt | 3.6.4 |
bestpractical | rt | 3.6.5 |
bestpractical | rt | 3.6.6 |
bestpractical | rt | 3.6.7 |
bestpractical | rt | 3.6.8 |
bestpractical | rt | 3.6.9 |
bestpractical | rt | 3.8.0 |
bestpractical | rt | 3.8.1 |
bestpractical | rt | 3.8.2 |
bestpractical | rt | 3.8.3 |
bestpractical | rt | 3.8.4 |
bestpractical | rt | 3.8.5 |
bestpractical | rt | 3.8.6 |
bestpractical | rt | 3.8.6:rc1 |
bestpractical | rt | 3.8.7:rc1 |
bestpractical | rt | 3.8.8:rc2 |
bestpractical | rt | 3.8.8:rc3 |
bestpractical | rt | 3.8.8:rc4 |
bestpractical | rt | 3.8.9:rc1 |
bestpractical | rt | 3.8.9:rc2 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
request-tracker3.6 |
| ||||||||||||||||||||
request-tracker3.8 |
|
Common Weakness Enumeration
References