PT-2014-2255 · Red Hat · Red Hat Enterprise Mrg

Stanislav Graf

Published

2014-07-19

Updated

2021-07-15

CVE-2012-2682

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise MRG 2.5

Description The issue allows attackers with certain database privileges to cause a denial of service, resulting in an inaccessible page. This can be achieved by including a non-ASCII character in the name of a link.

Recommendations For Red Hat Enterprise MRG 2.5, consider restricting database privileges to prevent unauthorized access, and avoid using non-ASCII characters in link names until a fix is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2012-2682

RHSA-2014:0858

RHSA-2014:0859

Affected Products

Red Hat Enterprise Mrg

PT-2014-2255 · Red Hat · Red Hat Enterprise Mrg

CVE-2012-2682

Weakness Enumeration

Related Identifiers

Affected Products

References · 4