SecuritySpace - CVE-2012-6581

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2012-6581

Description: Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail signing privilege.

Test IDs: 1.3.6.1.4.1.25623.1.0.72538

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2012-6581
http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html

CVE ID:	CVE-2012-6581
Description:	Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail signing privilege.
Test IDs:	1.3.6.1.4.1.25623.1.0.72538
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2012-6581 http://lists.bestpractical.com/pipermail/rt-announce/2012-October/000212.html