Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 4.0
CVE Id CVE-2012-1497
Last Modified 05 Mar 2012 12:34:25
Published 02 Mar 2012 11:04:57
Confidentiality Impact PARTIAL
Integrity Impact NONE
Availability Impact NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-1497

Summary

The default configuration of Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 supports the "mt:Include file=" attribute, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files by leveraging the template-designer role.

Vulnerable Systems

Application

  • Movabletype Movable Type Advanced 4.0

  • Movabletype Movable Type Advanced 4.01

  • Movabletype Movable Type Advanced 4.1

  • Movabletype Movable Type Advanced 4.2

  • Movabletype Movable Type Advanced 4.23

  • Movabletype Movable Type Advanced 4.25

  • Movabletype Movable Type Advanced 4.26

  • Movabletype Movable Type Advanced 4.261

  • Movabletype Movable Type Advanced 4.3

  • Movabletype Movable Type Advanced 4.31

  • Movabletype Movable Type Advanced 4.32

  • Movabletype Movable Type Advanced 4.33

  • Movabletype Movable Type Advanced 4.34

  • Movabletype Movable Type Advanced 4.35

  • Movabletype Movable Type Advanced 4.36

  • Movabletype Movable Type Advanced 4.361

  • Movabletype Movable Type Advanced 4.37

  • Movabletype Movable Type Advanced 5.02

  • Movabletype Movable Type Advanced 5.03

  • Movabletype Movable Type Advanced 5.031

  • Movabletype Movable Type Advanced 5.04

  • Movabletype Movable Type Advanced 5.05

  • Movabletype Movable Type Advanced 5.051

  • Movabletype Movable Type Advanced 5.06

  • Movabletype Movable Type Advanced 5.1

  • Movabletype Movable Type Advanced 5.11

  • Movabletype Movable Type Advanced 5.12

  • Movabletype Movable Type Enterprise 4.0

  • Movabletype Movable Type Enterprise 4.01

  • Movabletype Movable Type Enterprise 4.1

  • Movabletype Movable Type Enterprise 4.2

  • Movabletype Movable Type Enterprise 4.23

  • Movabletype Movable Type Enterprise 4.25

  • Movabletype Movable Type Enterprise 4.26

  • Movabletype Movable Type Enterprise 4.261

  • Movabletype Movable Type Enterprise 4.3

  • Movabletype Movable Type Enterprise 4.31

  • Movabletype Movable Type Enterprise 4.32

  • Movabletype Movable Type Enterprise 4.33

  • Movabletype Movable Type Enterprise 4.34

  • Movabletype Movable Type Enterprise 4.35

  • Movabletype Movable Type Enterprise 4.36

  • Movabletype Movable Type Enterprise 4.361

  • Movabletype Movable Type Enterprise 4.37

  • Movabletype Movable Type Enterprise 5.02

  • Movabletype Movable Type Enterprise 5.03

  • Movabletype Movable Type Enterprise 5.031

  • Movabletype Movable Type Enterprise 5.04

  • Movabletype Movable Type Enterprise 5.05

  • Movabletype Movable Type Enterprise 5.051

  • Movabletype Movable Type Enterprise 5.06

  • Movabletype Movable Type Enterprise 5.1

  • Movabletype Movable Type Enterprise 5.11

  • Movabletype Movable Type Enterprise 5.12

  • Movabletype Movable Type Open Source 4.0

  • Movabletype Movable Type Open Source 4.01

  • Movabletype Movable Type Open Source 4.1

  • Movabletype Movable Type Open Source 4.2

  • Movabletype Movable Type Open Source 4.23

  • Movabletype Movable Type Open Source 4.25

  • Movabletype Movable Type Open Source 4.26

  • Movabletype Movable Type Open Source 4.261

  • Movabletype Movable Type Open Source 4.3

  • Movabletype Movable Type Open Source 4.31

  • Movabletype Movable Type Open Source 4.32

  • Movabletype Movable Type Open Source 4.33

  • Movabletype Movable Type Open Source 4.34

  • Movabletype Movable Type Open Source 4.35

  • Movabletype Movable Type Open Source 4.36

  • Movabletype Movable Type Open Source 4.361

  • Movabletype Movable Type Open Source 4.37

  • Movabletype Movable Type Open Source 5.02

  • Movabletype Movable Type Open Source 5.03

  • Movabletype Movable Type Open Source 5.031

  • Movabletype Movable Type Open Source 5.04

  • Movabletype Movable Type Open Source 5.05

  • Movabletype Movable Type Open Source 5.051

  • Movabletype Movable Type Open Source 5.06

  • Movabletype Movable Type Open Source 5.1

  • Movabletype Movable Type Open Source 5.11

  • Movabletype Movable Type Open Source 5.12

  • Movabletype Movable Type Pro 4.0

  • Movabletype Movable Type Pro 4.01

  • Movabletype Movable Type Pro 4.1

  • Movabletype Movable Type Pro 4.2

  • Movabletype Movable Type Pro 4.23

  • Movabletype Movable Type Pro 4.25

  • Movabletype Movable Type Pro 4.26

  • Movabletype Movable Type Pro 4.261

  • Movabletype Movable Type Pro 4.3

  • Movabletype Movable Type Pro 4.31

  • Movabletype Movable Type Pro 4.32

  • Movabletype Movable Type Pro 4.33

  • Movabletype Movable Type Pro 4.34

  • Movabletype Movable Type Pro 4.35

  • Movabletype Movable Type Pro 4.36

  • Movabletype Movable Type Pro 4.361

  • Movabletype Movable Type Pro 4.37

  • Movabletype Movable Type Pro 5.02

  • Movabletype Movable Type Pro 5.03

  • Movabletype Movable Type Pro 5.031

  • Movabletype Movable Type Pro 5.04

  • Movabletype Movable Type Pro 5.05

  • Movabletype Movable Type Pro 5.051

  • Movabletype Movable Type Pro 5.06

  • Movabletype Movable Type Pro 5.1

  • Movabletype Movable Type Pro 5.11

  • Movabletype Movable Type Pro 5.12


References

CONFIRM - http://www.movabletype.org/documentation/appendices/release-notes/513.html

CONFIRM - http://www.movabletype.org/2012/02/movable_type_513_507_and_438_security_updates.html


Last Updated: 27 May 2016 10:58:20