| Max CVSS | 6.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-0797 | 2.1 |
The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash).
|
22-06-2022 - 16:40 | 20-10-2004 - 04:00 | |
| CVE-2013-3372 | 4.3 |
Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting (XSS) attacks via unspecified vectors.
|
27-08-2013 - 13:02 | 23-08-2013 - 16:55 | |
| CVE-2013-3374 | 4.3 |
Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information (user preferences and caches) via unknown vecto
|
26-08-2013 - 14:42 | 23-08-2013 - 16:55 | |
| CVE-2013-3373 | 5.0 |
CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a MIME header.
|
26-08-2013 - 14:38 | 23-08-2013 - 16:55 | |
| CVE-2013-3371 | 4.3 |
Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 through 3.8.16 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the filename of an attachment.
|
26-08-2013 - 14:33 | 23-08-2013 - 16:55 | |
| CVE-2013-3370 | 6.8 |
Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 does not properly restrict access to private callback components, which allows remote attackers to have an unspecified impact via a direct request.
|
26-08-2013 - 14:31 | 23-08-2013 - 16:55 |