CVE-2011-4458 Information

Description

Best Practical Solutions RT 3.6.x 3.7.x and 3.8.x before 3.8.12 and 4.x before 4.0.6 when the VERPPrefix and VERPDomain options are enabled allows remote attackers to execute arbitrary code via unspecified vectors a different vulnerability than CVE-2011-5092 and CVE-2011-5093.

Reference

http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html http://secunia.com/advisories/49259 http://www.securityfocus.com/bid/53660