What is the severity of CVE-2008-7280?

CVE-2008-7280 is classified as a medium severity vulnerability due to its potential to cause a denial of service.

How do I fix CVE-2008-7280?

To fix CVE-2008-7280, upgrade Open Ticket Request System (OTRS) to version 2.2.7 or later.

What systems are affected by CVE-2008-7280?

CVE-2008-7280 affects OTRS versions prior to 2.2.7 and several beta releases up to 2.1.9.

What type of attack does CVE-2008-7280 allow?

CVE-2008-7280 allows remote attackers to perform a denial of service by sending crafted email messages.

What component is impacted by CVE-2008-7280?

CVE-2008-7280 impacts the Kernel/System/EmailParser.pm component in OTRS.

Vulnerability/
CVE-2008-7280

medium

CWE

18/3/2011

16/9/2024

CVE-2008-7280: Input Validation

First published: Fri Mar 18 2011(Updated: )

Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Request System (OTRS) before 2.2.7 does not properly handle e-mail messages containing malformed UTF-8 characters, which allows remote attackers to cause a denial of service (e-mail retrieval outage) via a crafted message.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
OTRS	<=2.2.6
OTRS	=0.5-beta1
OTRS	=0.5-beta2
OTRS	=0.5-beta3
OTRS	=0.5-beta4
OTRS	=0.5-beta5
OTRS	=0.5-beta6
OTRS	=0.5-beta7
OTRS	=0.5-beta8
OTRS	=1.0-rc1
OTRS	=1.0-rc2
OTRS	=1.0-rc3
OTRS	=1.0.0
OTRS	=1.0.1
OTRS	=1.0.2
OTRS	=1.1-rc1
OTRS	=1.1.0-rc1
OTRS	=1.1.0-rc2
OTRS	=1.1.1
OTRS	=1.1.2
OTRS	=1.1.3
OTRS	=1.1.4
OTRS	=1.2.0-beta1
OTRS	=1.2.0-beta2
OTRS	=1.2.0-beta3
OTRS	=1.2.1
OTRS	=1.2.2
OTRS	=1.2.3
OTRS	=1.2.4
OTRS	=1.3.0-beta1
OTRS	=1.3.0-beta2
OTRS	=1.3.0-beta3
OTRS	=1.3.0-beta4
OTRS	=1.3.1
OTRS	=1.3.2
OTRS	=1.3.3
OTRS	=2.0.0
OTRS	=2.0.0-beta1
OTRS	=2.0.0-beta2
OTRS	=2.0.0-beta4
OTRS	=2.0.0-beta5
OTRS	=2.0.0-beta6
OTRS	=2.0.1
OTRS	=2.0.2
OTRS	=2.0.3
OTRS	=2.0.4
OTRS	=2.0.5
OTRS	=2.1.0-beta1
OTRS	=2.1.0-beta2
OTRS	=2.1.1
OTRS	=2.1.2
OTRS	=2.1.3
OTRS	=2.1.4
OTRS	=2.1.5
OTRS	=2.1.6
OTRS	=2.1.7
OTRS	=2.1.8
OTRS	=2.1.9
OTRS	=2.2.0-beta1
OTRS	=2.2.0-beta2
OTRS	=2.2.0-beta3
OTRS	=2.2.0-beta4
OTRS	=2.2.0-rc1
OTRS	=2.2.1
OTRS	=2.2.2
OTRS	=2.2.3
OTRS	=2.2.4
OTRS	=2.2.5

Remedy

http://bugs.otrs.org/show_bug.cgi?id=2934

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-7280?
CVE-2008-7280 is classified as a medium severity vulnerability due to its potential to cause a denial of service.
How do I fix CVE-2008-7280?
To fix CVE-2008-7280, upgrade Open Ticket Request System (OTRS) to version 2.2.7 or later.
What systems are affected by CVE-2008-7280?
CVE-2008-7280 affects OTRS versions prior to 2.2.7 and several beta releases up to 2.1.9.
What type of attack does CVE-2008-7280 allow?
CVE-2008-7280 allows remote attackers to perform a denial of service by sending crafted email messages.
What component is impacted by CVE-2008-7280?
CVE-2008-7280 impacts the Kernel/System/EmailParser.pm component in OTRS.

agent/references
agent/type
agent/softwarecombine
agent/author
agent/severity
agent/weakness
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/otrs
canonical/otrs
version/otrs/2.2.6
version/otrs/0.5-beta1
version/otrs/0.5-beta2
version/otrs/0.5-beta3
version/otrs/0.5-beta4
version/otrs/0.5-beta5
version/otrs/0.5-beta6
version/otrs/0.5-beta7
version/otrs/0.5-beta8
version/otrs/1.0-rc1
version/otrs/1.0-rc2
version/otrs/1.0-rc3
version/otrs/1.0.0
version/otrs/1.0.1
version/otrs/1.0.2
version/otrs/1.1-rc1
version/otrs/1.1.0-rc1
version/otrs/1.1.0-rc2
version/otrs/1.1.1
version/otrs/1.1.2
version/otrs/1.1.3
version/otrs/1.1.4
version/otrs/1.2.0-beta1
version/otrs/1.2.0-beta2
version/otrs/1.2.0-beta3
version/otrs/1.2.1
version/otrs/1.2.2
version/otrs/1.2.3
version/otrs/1.2.4
version/otrs/1.3.0-beta1
version/otrs/1.3.0-beta2
version/otrs/1.3.0-beta3
version/otrs/1.3.0-beta4
version/otrs/1.3.1
version/otrs/1.3.2
version/otrs/1.3.3
version/otrs/2.0.0
version/otrs/2.0.0-beta1
version/otrs/2.0.0-beta2
version/otrs/2.0.0-beta4
version/otrs/2.0.0-beta5
version/otrs/2.0.0-beta6
version/otrs/2.0.1
version/otrs/2.0.2
version/otrs/2.0.3
version/otrs/2.0.4
version/otrs/2.0.5
version/otrs/2.1.0-beta1
version/otrs/2.1.0-beta2
version/otrs/2.1.1
version/otrs/2.1.2
version/otrs/2.1.3
version/otrs/2.1.4
version/otrs/2.1.5
version/otrs/2.1.6
version/otrs/2.1.7
version/otrs/2.1.8
version/otrs/2.1.9
version/otrs/2.2.0-beta1
version/otrs/2.2.0-beta2
version/otrs/2.2.0-beta3
version/otrs/2.2.0-beta4
version/otrs/2.2.0-rc1
version/otrs/2.2.1
version/otrs/2.2.2
version/otrs/2.2.3
version/otrs/2.2.4
version/otrs/2.2.5

CVE-2008-7280: Input Validation

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-7280?

How do I fix CVE-2008-7280?

What systems are affected by CVE-2008-7280?

What type of attack does CVE-2008-7280 allow?

What component is impacted by CVE-2008-7280?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2008-7280?

How do I fix CVE-2008-7280?

What systems are affected by CVE-2008-7280?

What type of attack does CVE-2008-7280 allow?

What component is impacted by CVE-2008-7280?