oss-sec mailing list archives

CVE request: MovableType before 5.2.12


From: John Lightsey <john () nixnuts net>
Date: Thu, 12 Feb 2015 07:25:38 -0600

Hi there,

MovableType 5.2.12 was released today to fix a flaw where Perl's
Storable::thaw() was called on data sent by unauthenticated remote users
in some interfaces.

https://movabletype.org/news/2015/02/movable_type_607_and_5212_released_to_close_security_vulnera.html

The payload example provided to SixApart was a local file inclusion
attack, but unauthenticated arbitrary remote code execution should be
straightforward by tailoring the payload for the mix of Perl installed
on the system running MTOS.

Please assign a CVE number for this issue.

John
