Published:2005/05/12  Last Updated:2008/05/21

JVN#74012178
Movable Type session management vulnerability

Overview

Movable Type, a web log system from Six Apart KK, contains a vulnerability which could allow a remote attacker to gain illegal access.

Products Affected

  • Movable Type 3.151-ja and earlier

Description

Impact

A remote attacker could freely manipulate a web log by posting or deleting blog entries.

Solution

Vendor Status

Vendor Status Last Update Vendor Notes
Six Apart KK Vulnerable 2005/05/12

References

JPCERT/CC Addendum

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia JVNDB-2005-000768

Update History