CVE-2012-6580

Name of the Vulnerable Software and Affected Versions Best Practical Solutions RT versions 3.8.x through 3.8.14 Best Practical Solutions RT versions 4.0.x through 4.0.7

Description The issue might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditing via an e-mail message to a queue's address, as the UI does not ensure that unencrypted messages are labeled as such when GnuPG is enabled.

Recommendations For versions 3.8.x through 3.8.14, update to version 3.8.15 or later. For versions 4.0.x through 4.0.7, update to version 4.0.8 or later.