CVE Vulnerabilities

CVE-2011-3993

Published: Nov 03, 2011 | Modified: Nov 16, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Autotagging Skyarc * 0.08
Duplicateentry Skyarc * 1.2
Mailpack Skyarc * 1.741
Mtcms Skyarc 5.2 5.2
Mtcms Skyarc 5.21 5.21
Mtcms Skyarc 5.22 5.22
Mtcms Skyarc 5.23 5.23
Mtcms Skyarc 5.24 5.24
Mtcms Skyarc 5.24 5.24
Mtcms Skyarc 5.24 5.24
Mtcms Skyarc 5.25 5.25
Mtcms Skyarc 5.25 5.25
Mtcms Skyarc 5.25 5.25
Mtcms Skyarc * 5.251
Mtcms Skyarc 5.251 5.251
Mtcms Skyarc 5.251 5.251
Multifileuploader Skyarc * 0.44

References