movabletype-opensource: code execution
| Package(s): | movabletype-opensource | CVE #(s): | CVE-2015-0845 | ||||
| Created: | April 16, 2015 | Updated: | April 22, 2015 | ||||
| Description: | From the Debian advisory:
John Lightsey discovered a format string injection vulnerability in the localisation of templates in Movable Type, a blogging system. An unauthenticated remote attacker could take advantage of this flaw to execute arbitrary code as the web server user. | ||||||
| Alerts: |
| ||||||