VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 18, 2011· Updated Apr 29, 2026

CVE-2010-4767

CVE-2010-4767

Description

Open Ticket Request System (OTRS) before 2.3.6 does not properly handle e-mail messages in which the From line contains UTF-8 characters associated with diacritical marks and an invalid charset, which allows remote attackers to cause a denial of service (duplicate tickets and duplicate auto-responses) by sending a crafted message to a POP3 mailbox.

Affected products

82
  • OTRS/Otrs82 versions
    cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*+ 81 more
    • cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*range: <=2.3.5
    • cpe:2.3:a:otrs:otrs:0.5:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta7:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:0.5:beta8:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.4:*:*:*:*:*:*:*
    • (no CPE)range: <2.3.6

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.