Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3993

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2011-3993
Last Modified 16 Nov 2011 12:00:00
Published 03 Nov 2011 01:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-3993

Summary

SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors.

Vulnerable Systems

Application

  • Skyarc Autotagging 0.08

  • Skyarc Duplicateentry 1.2

  • Skyarc Mailpack 1.741

  • Skyarc Mtcms 5.2

  • Skyarc Mtcms 5.21

  • Skyarc Mtcms 5.22

  • Skyarc Mtcms 5.23

  • Skyarc Mtcms 5.24

  • Skyarc Mtcms 5.25

  • Skyarc Mtcms 5.251

  • Skyarc Multifileuploader 0.44


References

CONFIRM - http://www.mtcms.jp/news/product/201110131921.html

JVNDB - JVNDB-2011-000093

JVN - JVN#41032068


Last Updated: 27 May 2016 10:57:48