CVE-2011-3993 Information

Description

SKYARC MTCMS before 5.252 and the MultiFileUploader 0.44 and earlier DuplicateEntry 1.2 and earlier MailPack 1.741 and earlier and AutoTagging 0.08 and earlier plugins for Movable Type uses weak permissions which allows remote authenticated users to modify files and settings via unspecified vectors.

Reference

http://jvn.jp/en/jp/JVN41032068/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2011-000093 http://www.mtcms.jp/news/product/201110131921.html