Re: CVE request: MovableType before 5.2.12 - Movable Type

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> MoveableType 5.2.12 was released today to fix a flaw where Perl's
> Storable::thaw() was called on data sent by unauthenticated remote users
> in some interfaces.
>
> https://movabletype.org/news/2015/02/movable_type_607_and_5212_released_to_close_security_vulnera.html

> We are releasing Movable Type 6.0.7 and 5.2.12 as mandatory security updates.

> In previous versions, including the Movable Type 6.0.6 and 5.2.11 are susceptible

Note that 5.2.11 is open source (from the
https://movabletype.org/downloads/archives/5.x/MTOS-5.2.11.zip
distribution) but we think that 6.0.6 is not open source.

> The payload example provided to SixApart was a local file inclusion
> attack, but unauthenticated arbitrary remote code execution should be
> straightforward

Use CVE-2015-1592.

There aren't separate CVE IDs for different impacts of the underlying
"called on data sent by unauthenticated remote users" issue.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJU3TuVAAoJEKllVAevmvmsww4H/i+mhMmZ/wXa2QXyMDfu3Ojr
lgPuScQ7/DNIEeKhdhnbjtlF4wRsdsohOx7CyYlNt3QjTu6h8ngGH+JG8sQjtcaU
OnB091V+hOAXsetdr5bZFDr/+o7a6lz/GrhaURJJHgXXcJhbWvrfn/vEuadVQZtS
26raOvgRmomr6T0+kv+6SSMCy78N7eHJnUDWHUS/d+2a/G5Hpe1pYWpvF5hZLNYY
uH9D4C6gmLdD0HaujOy+2Pv8QnE2OMFoQ14yfcdc+N2JxSVKA0I/50lbB0axMXDf
zmR2I18Sx4ccBm97yX2qFs5uqNk6O4nZQ74mRp003ZvQXqwN3RnW4YbbxGAVmaI=
=4v/h
-----END PGP SIGNATURE-----