CVE-2012-0320 Information

Description

Movable Type before 4.38 5.0x before 5.07 and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community script.

Reference

http://jvn.jp/en/jp/JVN20083397/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000018 http://www.debian.org/security/2012/dsa-2423 http://www.movabletype.org/2012/02/movable_type_513_507_and_438_security_updates.html http://www.movabletype.org/documentation/appendices/release-notes/513.html http://www.securityfocus.com/bid/52138 http://www.securitytracker.com/id?1026738