Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0320

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-0320
Last Modified 20 Sep 2012 11:23:47
Published 02 Mar 2012 11:04:57
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0320

Summary

Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community script.

Vulnerable Systems

Application

  • Movabletype Movable Type Advanced 4.0

  • Movabletype Movable Type Advanced 4.01

  • Movabletype Movable Type Advanced 4.1

  • Movabletype Movable Type Advanced 4.2

  • Movabletype Movable Type Advanced 4.23

  • Movabletype Movable Type Advanced 4.25

  • Movabletype Movable Type Advanced 4.26

  • Movabletype Movable Type Advanced 4.261

  • Movabletype Movable Type Advanced 4.3

  • Movabletype Movable Type Advanced 4.31

  • Movabletype Movable Type Advanced 4.32

  • Movabletype Movable Type Advanced 4.33

  • Movabletype Movable Type Advanced 4.34

  • Movabletype Movable Type Advanced 4.35

  • Movabletype Movable Type Advanced 4.36

  • Movabletype Movable Type Advanced 4.361

  • Movabletype Movable Type Advanced 4.37

  • Movabletype Movable Type Advanced 5.02

  • Movabletype Movable Type Advanced 5.03

  • Movabletype Movable Type Advanced 5.031

  • Movabletype Movable Type Advanced 5.04

  • Movabletype Movable Type Advanced 5.05

  • Movabletype Movable Type Advanced 5.051

  • Movabletype Movable Type Advanced 5.06

  • Movabletype Movable Type Advanced 5.1

  • Movabletype Movable Type Advanced 5.11

  • Movabletype Movable Type Advanced 5.12

  • Movabletype Movable Type Enterprise 4.0

  • Movabletype Movable Type Enterprise 4.01

  • Movabletype Movable Type Enterprise 4.1

  • Movabletype Movable Type Enterprise 4.2

  • Movabletype Movable Type Enterprise 4.23

  • Movabletype Movable Type Enterprise 4.25

  • Movabletype Movable Type Enterprise 4.26

  • Movabletype Movable Type Enterprise 4.261

  • Movabletype Movable Type Enterprise 4.3

  • Movabletype Movable Type Enterprise 4.31

  • Movabletype Movable Type Enterprise 4.32

  • Movabletype Movable Type Enterprise 4.33

  • Movabletype Movable Type Enterprise 4.34

  • Movabletype Movable Type Enterprise 4.35

  • Movabletype Movable Type Enterprise 4.36

  • Movabletype Movable Type Enterprise 4.361

  • Movabletype Movable Type Enterprise 4.37

  • Movabletype Movable Type Enterprise 5.02

  • Movabletype Movable Type Enterprise 5.03

  • Movabletype Movable Type Enterprise 5.031

  • Movabletype Movable Type Enterprise 5.04

  • Movabletype Movable Type Enterprise 5.05

  • Movabletype Movable Type Enterprise 5.051

  • Movabletype Movable Type Enterprise 5.06

  • Movabletype Movable Type Enterprise 5.1

  • Movabletype Movable Type Enterprise 5.11

  • Movabletype Movable Type Enterprise 5.12

  • Movabletype Movable Type Open Source 4.0

  • Movabletype Movable Type Open Source 4.01

  • Movabletype Movable Type Open Source 4.1

  • Movabletype Movable Type Open Source 4.2

  • Movabletype Movable Type Open Source 4.23

  • Movabletype Movable Type Open Source 4.25

  • Movabletype Movable Type Open Source 4.26

  • Movabletype Movable Type Open Source 4.261

  • Movabletype Movable Type Open Source 4.3

  • Movabletype Movable Type Open Source 4.31

  • Movabletype Movable Type Open Source 4.32

  • Movabletype Movable Type Open Source 4.33

  • Movabletype Movable Type Open Source 4.34

  • Movabletype Movable Type Open Source 4.35

  • Movabletype Movable Type Open Source 4.36

  • Movabletype Movable Type Open Source 4.361

  • Movabletype Movable Type Open Source 4.37

  • Movabletype Movable Type Open Source 5.02

  • Movabletype Movable Type Open Source 5.03

  • Movabletype Movable Type Open Source 5.031

  • Movabletype Movable Type Open Source 5.04

  • Movabletype Movable Type Open Source 5.05

  • Movabletype Movable Type Open Source 5.051

  • Movabletype Movable Type Open Source 5.06

  • Movabletype Movable Type Open Source 5.1

  • Movabletype Movable Type Open Source 5.11

  • Movabletype Movable Type Open Source 5.12

  • Movabletype Movable Type Pro 4.0

  • Movabletype Movable Type Pro 4.01

  • Movabletype Movable Type Pro 4.1

  • Movabletype Movable Type Pro 4.2

  • Movabletype Movable Type Pro 4.23

  • Movabletype Movable Type Pro 4.25

  • Movabletype Movable Type Pro 4.26

  • Movabletype Movable Type Pro 4.261

  • Movabletype Movable Type Pro 4.3

  • Movabletype Movable Type Pro 4.31

  • Movabletype Movable Type Pro 4.32

  • Movabletype Movable Type Pro 4.33

  • Movabletype Movable Type Pro 4.34

  • Movabletype Movable Type Pro 4.35

  • Movabletype Movable Type Pro 4.36

  • Movabletype Movable Type Pro 4.361

  • Movabletype Movable Type Pro 4.37

  • Movabletype Movable Type Pro 5.02

  • Movabletype Movable Type Pro 5.03

  • Movabletype Movable Type Pro 5.031

  • Movabletype Movable Type Pro 5.04

  • Movabletype Movable Type Pro 5.05

  • Movabletype Movable Type Pro 5.051

  • Movabletype Movable Type Pro 5.06

  • Movabletype Movable Type Pro 5.1

  • Movabletype Movable Type Pro 5.11

  • Movabletype Movable Type Pro 5.12

  • Sixapart Movable Type 4.0

  • Sixapart Movable Type 4.1

  • Sixapart Movable Type 4.12

  • Sixapart Movable Type 4.15

  • Sixapart Movable Type 4.2

  • Sixapart Movable Type 4.22

  • Sixapart Movable Type 4.23

  • Sixapart Movable Type 4.24

  • Sixapart Movable Type 4.25

  • Sixapart Movable Type 4.26

  • Sixapart Movable Type 4.261

  • Sixapart Movable Type 4.27

  • Sixapart Movable Type 4.28

  • Sixapart Movable Type 4.29

  • Sixapart Movable Type 4.291

  • Sixapart Movable Type 4.292

  • Sixapart Movable Type 4.35

  • Sixapart Movable Type 4.36

  • Sixapart Movable Type 4.361

  • Sixapart Movable Type 4.37

  • Sixapart Movable Type 5.0

  • Sixapart Movable Type 5.01

  • Sixapart Movable Type 5.02

  • Sixapart Movable Type 5.03

  • Sixapart Movable Type 5.031

  • Sixapart Movable Type 5.04

  • Sixapart Movable Type 5.05

  • Sixapart Movable Type 5.051

  • Sixapart Movable Type 5.06

  • Sixapart Movable Type 5.07

  • Sixapart Movable Type 5.1

  • Sixapart Movable Type 5.11

  • Sixapart Movable Type 5.12


References

CONFIRM - http://www.movabletype.org/documentation/appendices/release-notes/513.html

CONFIRM - http://www.movabletype.org/2012/02/movable_type_513_507_and_438_security_updates.html

JVNDB - JVNDB-2012-000018

JVN - JVN#20083397

SECTRACK - 1026738

BID - 52138


Last Updated: 27 May 2016 10:58:20