PT-2012-2071 · Best Practical Solutions+1 · Request Tracker+1

Published

2012-06-04

Updated

2012-06-05

CVE-2011-5093

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arbitrary code by leveraging access to a privileged account, a different vulnerability than CVE-2011-4458 and CVE-2011-5092.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2011-5093

Affected Products

Request Tracker

PT-2012-2071 · Best Practical Solutions+1 · Request Tracker+1

CVE-2011-5093

Weakness Enumeration

Related Identifiers

Affected Products

References · 5