Candidate: CVE-2008-5846
PublicDate: 2009-01-05 20:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5846
Description:
 Six Apart Movable Type (MT) before 4.23 allows remote authenticated users
 with create permission for posts to bypass intended access restrictions and
 publish posts via a "system-wide entry listing screen."
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_movabletype-opensource:
upstream_movabletype-opensource: released (4.2.3)
dapper_movabletype-opensource: DNE
gutsy_movabletype-opensource: DNE
hardy_movabletype-opensource: DNE
intrepid_movabletype-opensource: needed (reached end-of-life)
jaunty_movabletype-opensource: not-affected (4.2.3-1)
karmic_movabletype-opensource: not-affected (4.2.3-1)
devel_movabletype-opensource: not-affected (4.2.3-1)