CVE-2012-0319

N/A Unknown

Published: March 03, 2012 Modified: April 29, 2026

Description

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://jvn.jp/en/jp/JVN92683325/index.html

Source: vultures@jpcert.or.jp

http://jvndb.jvn.jp/jvndb/JVNDB-2012-000017

Source: vultures@jpcert.or.jp

http://www.debian.org/security/2012/dsa-2423

Source: vultures@jpcert.or.jp

http://www.movabletype.org/2012/02/movable_type_513_507_and_438_security_updates.html

Source: vultures@jpcert.or.jp

Patch Vendor Advisory

http://www.movabletype.org/documentation/appendices/release-notes/513.html

Source: vultures@jpcert.or.jp

Patch Vendor Advisory

http://www.securityfocus.com/bid/52138

Source: vultures@jpcert.or.jp

http://www.securitytracker.com/id?1026738

Source: vultures@jpcert.or.jp

http://jvn.jp/en/jp/JVN92683325/index.html