CVE

Id
78869  
CVE No.
CVE-2015-1592  
Status
Candidate  
Description
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.  
Phase
Assigned (20150212)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
719055 78869 CVE-2015-1592 MLIST:[oss-security] 20150212 CVE request: MovableType before 5.2.12  View
719056 78869 CVE-2015-1592 URL:http://www.openwall.com/lists/oss-security/2015/02/12/2  View
719057 78869 CVE-2015-1592 MLIST:[oss-security] 20150212 Re: CVE request: MovableType before 5.2.12 - Movable Type  View
719058 78869 CVE-2015-1592 URL:http://www.openwall.com/lists/oss-security/2015/02/12/17  View
719059 78869 CVE-2015-1592 CONFIRM:https://movabletype.org/news/2015/02/movable_type_607_and_5212_released_to_close_security_vulnera.html  View
719060 78869 CVE-2015-1592 DEBIAN:DSA-3183  View
719061 78869 CVE-2015-1592 URL:https://www.debian.org/security/2015/dsa-3183  View
719062 78869 CVE-2015-1592 BID:72606  View
719063 78869 CVE-2015-1592 URL:http://www.securityfocus.com/bid/72606  View
719064 78869 CVE-2015-1592 SECTRACK:1031777  View
719065 78869 CVE-2015-1592 URL:http://www.securitytracker.com/id/1031777  View
719066 78869 CVE-2015-1592 XF:movable-type-cve20151592-file-include(100912)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
6950 JVNDB-2015-002270 複数の Microsoft Windows 製品における権限昇格の脆弱性 複数の Microsoft Windows 製品には、偽装レベルを適切に制御しないため、権限を取得される脆弱性が存在します。 CVE-2015-1644 78869 7.2 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002270.html  View