CVE-2011-3993

Sažetak

SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors.

Reference

http://jvn.jp/en/jp/JVN41032068/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000093
http://www.mtcms.jp/news/product/201110131921.html

CVSS

Base:	5.5
Impact:	4.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:P/A:P

Zadnje važnije ažuriranje

16-11-2011 - 05:00

Objavljeno

03-11-2011 - 17:55