CVE-2012-6578

Name of the Vulnerable Software and Affected Versions Best Practical Solutions RT versions 3.8.x through 3.8.14 Best Practical Solutions RT versions 4.0.x through 4.0.7

Description The issue occurs when GnuPG is enabled with a "Sign by default" queue configuration, allowing the use of a queue's key for signing. This might enable remote attackers to spoof messages by exploiting the lack of authentication semantics.

Recommendations For versions 3.8.x through 3.8.14, update to version 3.8.15 or later. For versions 4.0.x through 4.0.7, update to version 4.0.8 or later.