CVE-2019-18180
Summary
| CVE | CVE-2019-18180 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-12-05 15:15:00 UTC |
| Updated | 2023-08-31 03:15:00 UTC |
| Description | Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote attacker to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Community Edition 5.0.x version 5.0.38 and prior versions; 6.0.x version 6.0.23 and prior versions. OTRS AG: OTRS 7.0.x version 7.0.12 and prior versions. |
Risk And Classification
Problem Types: CWE-835
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [security-announce] openSUSE-SU-2020:1475-1: moderate: Recommended updat | SUSE | lists.opensuse.org | |
| [security-announce] openSUSE-SU-2020:0551-1: moderate: Recommended updat | SUSE | lists.opensuse.org | |
| [SECURITY] [DLA 3551-1] otrs2 security update | MLIST | lists.debian.org | |
| Security Advisory 2019-15: Security Update for OTRS Framework - ((OTRS)) Community Edition | CONFIRM | community.otrs.com | Patch, Vendor Advisory |
| [security-announce] openSUSE-SU-2020:1509-1: moderate: Recommended updat | SUSE | lists.opensuse.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 6000085 Debian Security Update for otrs2 (DLA 3551-1)