CVE-2012-0319

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue.
Code Injection
Severity
UNKNOWN
AV:N/AC:L/Au:S/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
movabletypemovable_type_open_source
𝑥
≤ 4.37
movabletypemovable_type_open_source
4.0
movabletypemovable_type_open_source
4.0
movabletypemovable_type_open_source
4.1
movabletypemovable_type_open_source
4.1
movabletypemovable_type_open_source
4.01
movabletypemovable_type_open_source
4.2
movabletypemovable_type_open_source
4.2
movabletypemovable_type_open_source
4.3
movabletypemovable_type_open_source
4.23
movabletypemovable_type_open_source
4.25
movabletypemovable_type_open_source
4.26
movabletypemovable_type_open_source
4.31
movabletypemovable_type_open_source
4.32
movabletypemovable_type_open_source
4.33
movabletypemovable_type_open_source
4.34
movabletypemovable_type_open_source
4.35
movabletypemovable_type_open_source
4.36
movabletypemovable_type_open_source
4.261
movabletypemovable_type_open_source
4.361
movabletypemovable_type_open_source
5.1
movabletypemovable_type_open_source
5.02
movabletypemovable_type_open_source
5.03
movabletypemovable_type_open_source
5.04
movabletypemovable_type_open_source
5.05
movabletypemovable_type_open_source
5.06
movabletypemovable_type_open_source
5.11
movabletypemovable_type_open_source
5.12
movabletypemovable_type_open_source
5.031
movabletypemovable_type_open_source
5.051
movabletypemovable_type_enterprise
𝑥
≤ 4.37
movabletypemovable_type_enterprise
4.0
movabletypemovable_type_enterprise
4.0
movabletypemovable_type_enterprise
4.1
movabletypemovable_type_enterprise
4.01
movabletypemovable_type_enterprise
4.1
movabletypemovable_type_enterprise
4.2
movabletypemovable_type_enterprise
4.2
movabletypemovable_type_enterprise
4.3
movabletypemovable_type_enterprise
4.23
movabletypemovable_type_enterprise
4.25
movabletypemovable_type_enterprise
4.26
movabletypemovable_type_enterprise
4.31
movabletypemovable_type_enterprise
4.32
movabletypemovable_type_enterprise
4.33
movabletypemovable_type_enterprise
4.34
movabletypemovable_type_enterprise
4.35
movabletypemovable_type_enterprise
4.36
movabletypemovable_type_enterprise
4.261
movabletypemovable_type_enterprise
4.361
movabletypemovable_type_enterprise
5.1
movabletypemovable_type_enterprise
5.02
movabletypemovable_type_enterprise
5.03
movabletypemovable_type_enterprise
5.04
movabletypemovable_type_enterprise
5.05
movabletypemovable_type_enterprise
5.06
movabletypemovable_type_enterprise
5.11
movabletypemovable_type_enterprise
5.12
movabletypemovable_type_enterprise
5.031
movabletypemovable_type_enterprise
5.051
movabletypemovable_type_advanced
𝑥
≤ 4.37
movabletypemovable_type_advanced
4.0
movabletypemovable_type_advanced
4.0
movabletypemovable_type_advanced
4.1
movabletypemovable_type_advanced
4.01
movabletypemovable_type_advanced
4.1
movabletypemovable_type_advanced
4.2
movabletypemovable_type_advanced
4.2
movabletypemovable_type_advanced
4.3
movabletypemovable_type_advanced
4.23
movabletypemovable_type_advanced
4.25
movabletypemovable_type_advanced
4.26
movabletypemovable_type_advanced
4.31
movabletypemovable_type_advanced
4.32
movabletypemovable_type_advanced
4.33
movabletypemovable_type_advanced
4.34
movabletypemovable_type_advanced
4.35
movabletypemovable_type_advanced
4.36
movabletypemovable_type_advanced
4.261
movabletypemovable_type_advanced
4.361
movabletypemovable_type_advanced
5.1
movabletypemovable_type_advanced
5.02
movabletypemovable_type_advanced
5.03
movabletypemovable_type_advanced
5.04
movabletypemovable_type_advanced
5.05
movabletypemovable_type_advanced
5.06
movabletypemovable_type_advanced
5.11
movabletypemovable_type_advanced
5.12
movabletypemovable_type_advanced
5.031
movabletypemovable_type_advanced
5.051
movabletypemovable_type_pro
𝑥
≤ 4.37
movabletypemovable_type_pro
4.0
movabletypemovable_type_pro
4.0
movabletypemovable_type_pro
4.1
movabletypemovable_type_pro
4.1
movabletypemovable_type_pro
4.01
movabletypemovable_type_pro
4.2
movabletypemovable_type_pro
4.2
movabletypemovable_type_pro
4.3
movabletypemovable_type_pro
4.23
movabletypemovable_type_pro
4.25
movabletypemovable_type_pro
4.26
movabletypemovable_type_pro
4.31
movabletypemovable_type_pro
4.32
movabletypemovable_type_pro
4.33
movabletypemovable_type_pro
4.34
movabletypemovable_type_pro
4.35
movabletypemovable_type_pro
4.36
movabletypemovable_type_pro
4.261
movabletypemovable_type_pro
4.361
movabletypemovable_type_pro
5.1
movabletypemovable_type_pro
5.02
movabletypemovable_type_pro
5.03
movabletypemovable_type_pro
5.04
movabletypemovable_type_pro
5.05
movabletypemovable_type_pro
5.06
movabletypemovable_type_pro
5.11
movabletypemovable_type_pro
5.12
movabletypemovable_type_pro
5.031
movabletypemovable_type_pro
5.051
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
movabletype-opensource
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
not-affected
trusty
dne
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
ignored
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
dne