What is CVE-2014-9472?

CVE-2014-9472 is a vulnerability in Bestpractical Request_tracker, classified under CWE-399. Published 2015-03-09.

Is CVE-2014-9472 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Bestpractical Request_tracker

CVE-2014-9472

The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.

EPSS: 0.009 (75.7th percentile) — read the EPSS interpretation.

Affected products

Bestpractical Request_tracker — versions 3.6.8, 3.6.10, 3.6.11
Debian Debian_linux — versions 7.0
Fedoraproject Fedora — versions 21, 22
N/a — versions n/a

Weakness classification (CWE)

CWE-399

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
72832 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
DSA-3176 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
FEDORA-2015-4698 (x_refsource_FEDORA, vendor-advisory, Third Party Advisory)
FEDORA-2015-4666 (x_refsource_FEDORA, vendor-advisory, Third Party Advisory)

Frequently asked questions

What is CVE-2014-9472?: CVE-2014-9472 is a vulnerability in Bestpractical Request_tracker, classified under CWE-399. Published 2015-03-09.
Is CVE-2014-9472 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.