CVE-2011-4458
EPSS 1.5%
Description
Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and 4.x before 4.0.6, when the VERPPrefix and VERPDomain options are enabled, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-5092 and CVE-2011-5093.
How to fix CVE-2011-4458
To remediate CVE-2011-4458, upgrade the affected package to a fixed version below.
- Debian/request-tracker4—upgrade to 4.0.5-3 or later
Is CVE-2011-4458 being exploited?
Low — EPSS is 1.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.0.5-3