VYPR
Unrated severityNVD Advisory· Published Jul 24, 2013· Updated Jun 16, 2026

CVE-2012-6581

CVE-2012-6581

Description

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail signing privilege.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18
  • cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:bestpractical:request_tracker:3.8.10:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:3.8.11:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:3.8.12:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:3.8.13:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:3.8.14:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:3.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:3.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:3.8.7:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:3.8.9:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:4.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:bestpractical:request_tracker:4.0.7:*:*:*:*:*:*:*
  • Bestpractical/Rtllm-create
    Range: 3.8.x < 3.8.15, 4.0.x < 4.0.8

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.