7 matches found
CVE-2013-2184
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the commentstate parameter...
CVE-2013-2184
CVE-2013-2184 affects Movable Type before 5.2.6. The vulnerability arises from unsafe use of Storable::thaw when handling comments to blog posts, enabling remote code execution via the comment_state parameter. Multiple connected sources confirm a remote arbitrary-code execution risk and reference...
[SECURITY] [DSA 3183-1] movabletype-opensource security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3183-1] movabletype-opensource security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3183-1] movabletype-opensource security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3183-1 (movabletype-opensource - security update)
Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...
Movable Type 5.2.X < 5.2.6 Unspecified Vulnerability
According to its version number, the Movable Type install hosted on the remote web server is affected by an unspecified flaw when the 'commentstate' function is processed by the 'unserialize' function. This flaw is due to an issue with the Perl 'Storable::thaw' function, which is considered unsaf...