CVE Vulnerabilities

CVE-2010-4764

Published: Mar 18, 2011 | Modified: Mar 22, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, does not present warnings about incoming encrypted e-mail messages that were based on revoked PGP or GPG keys, which makes it easier for remote attackers to spoof e-mail communication by leveraging a key that has a revocation signature.

Affected Software

Name Vendor Start Version End Version
Otrs Otrs 3.0.2 3.0.2
Otrs Otrs 3.0.0 3.0.0
Otrs Otrs 3.0.1 3.0.1
Otrs Otrs 3.0.0 3.0.0
Otrs Otrs 3.0.0 3.0.0
Otrs Otrs 3.0.0 3.0.0
Otrs Otrs 3.0.0 3.0.0
Otrs Otrs 3.0.0 3.0.0
Otrs Otrs 3.0.0 3.0.0

References