QwikSec

Security Database

CVE

CWE

Training

CVE-2015-1592

Published: Feb 19, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_SECTRACK

[oss-security] 20150212 CVE request: MovableType before 5.2.12

mailing-list

x_refsource_MLIST

movable-type-cve20151592-file-include(100912)

vdb-entry

x_refsource_XF

https://movabletype.org/news/2015/02/movable_type_607_and_5212_released_to_close_security_vulnera.html

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

[oss-security] 20150212 Re: CVE request: MovableType before 5.2.12 - Movable Type

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.