Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-0319

Опубликовано: 03 мар. 2012
Источник: nvd
CVSS2: 6.5
EPSS Низкий

Описание

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:movabletype:movable_type_open_source:*:*:*:*:*:*:*:*
Версия до 4.37 (включая)
cpe:2.3:a:movabletype:movable_type_open_source:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.051:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:movabletype:movable_type_enterprise:*:*:*:*:*:*:*:*
Версия до 4.37 (включая)
cpe:2.3:a:movabletype:movable_type_enterprise:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.051:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:movabletype:movable_type_advanced:*:*:*:*:*:*:*:*
Версия до 4.37 (включая)
cpe:2.3:a:movabletype:movable_type_advanced:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.051:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:movabletype:movable_type_pro:*:*:*:*:*:*:*:*
Версия до 4.37 (включая)
cpe:2.3:a:movabletype:movable_type_pro:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.051:*:*:*:*:*:*:*

EPSS

Процентиль: 85%
0.02674
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

ubuntu логотип

CVE-2012-0319

ubuntu
почти 14 лет назад

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue.

debian логотип

CVE-2012-0319

debian
почти 14 лет назад

The file-management system in Movable Type before 4.38, 5.0x before 5. ...

github логотип

GHSA-jg74-x32p-r6hv

github
почти 4 года назад

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue.

EPSS

Процентиль: 85%
0.02674
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-94