John Lightsey discovered a format string injection vulnerability in the
localisation of templates in Movable Type, a blogging system. An
unauthenticated remote attacker could take advantage of this flaw to
execute arbitrary code as the web server user.