Movable Type Pro, Open Source, and Advanced prior to 5.2.12 and Pro and Advanced 6.0.x prior to 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote malicious users to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 7.0 |
||
sixapart movable type |