PT-2011-1716 · Otrs · Otrs
Published
2011-03-18
·
Updated
2011-03-22
·
CVE-2010-4767
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Open Ticket Request System (OTRS) versions prior to 2.3.6
Description
The issue arises from improper handling of e-mail messages with UTF-8 characters associated with diacritical marks and an invalid charset in the From line. This allows remote attackers to cause a denial of service by sending crafted messages to a POP3 mailbox, resulting in duplicate tickets and auto-responses.
Recommendations
For versions prior to 2.3.6, update to version 2.3.6 or later to resolve the issue.
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Otrs