Описание
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [5.2.9+dfsg-1]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | ignored | end of life |
| trusty | not-affected | 5.2.9+dfsg-1 |
| trusty/esm | DNE | trusty was not-affected [5.2.9+dfsg-1] |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 87%
0.03196
Низкий
7.5 High
CVSS2
Связанные уязвимости
nvd
почти 11 лет назад
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.
debian
почти 11 лет назад
Movable Type before 5.2.6 does not properly use the Storable::thaw fun ...
github
больше 3 лет назад
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.
EPSS
Процентиль: 87%
0.03196
Низкий
7.5 High
CVSS2