CVE-2010-4764

Name of the Vulnerable Software and Affected Versions Open Ticket Request System (OTRS) versions 2.4.9 and earlier Open Ticket Request System (OTRS) versions 3.x before 3.0.3

Description The issue concerns the handling of incoming encrypted e-mail messages based on revoked PGP or GPG keys. It does not present warnings about such messages, making it easier for remote attackers to spoof e-mail communication by leveraging a revoked key with a revocation signature.

Recommendations For Open Ticket Request System (OTRS) versions 2.4.9 and earlier, update to version 2.4.10 or later. For Open Ticket Request System (OTRS) versions 3.x before 3.0.3, update to version 3.0.3 or later.