PT-2009-4888 · Six Apart · Movable Type

Masashi Shiraishi

Published

2009-07-16

Updated

2017-08-17

CVE-2009-2481

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Movable Type versions prior to 4.261

Description The issue allows remote attackers to bypass access restrictions. This can lead to sending e-mail to arbitrary addresses or obtaining sensitive information.

Recommendations For versions prior to 4.261, update to version 4.261 or later to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2009-2481

Affected Products

Movable Type

PT-2009-4888 · Six Apart · Movable Type

CVE-2009-2481

Weakness Enumeration

Related Identifiers

Affected Products

References · 8