CVE Vulnerabilities

CVE-2011-3993

Published: Nov 03, 2011 | Modified: Nov 16, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Mtcms Skyarc 5.251 5.251
Mtcms Skyarc 5.251 5.251
Mtcms Skyarc 5.23 5.23
Mtcms Skyarc * 5.251
Mtcms Skyarc 5.24 5.24
Mtcms Skyarc 5.22 5.22
Mtcms Skyarc 5.2 5.2
Mtcms Skyarc 5.25 5.25
Multifileuploader Skyarc * 0.44
Autotagging Skyarc * 0.08
Mtcms Skyarc 5.24 5.24
Mtcms Skyarc 5.25 5.25
Mtcms Skyarc 5.21 5.21
Mtcms Skyarc 5.24 5.24
Mailpack Skyarc * 1.741
Duplicateentry Skyarc * 1.2
Mtcms Skyarc 5.25 5.25

References