cvelistv5 - cve-2011-3587

CVE-2011-3587 (GCVE-0-2011-3587)

Vulnerability from cvelistv5 – Published: 2011-10-10 10:00 – Updated: 2024-08-06 23:37

Summary

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=742297	x_refsource_CONFIRM
	http://secunia.com/advisories/46221	third-party-advisoryx_refsource_SECUNIA
	http://pypi.python.org/pypi/Products.PloneHotfix2…	x_refsource_CONFIRM
	http://secunia.com/advisories/46323	third-party-advisoryx_refsource_SECUNIA
	http://plone.org/products/plone/security/advisori…	x_refsource_CONFIRM
	http://zope2.zope.org/news/security-vulnerability…	x_refsource_CONFIRM
	http://plone.org/products/plone-hotfix/releases/2…	x_refsource_CONFIRM
	http://plone.org/products/plone-hotfix/releases/2…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:37:48.380Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
          },
          {
            "name": "46221",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46221"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
          },
          {
            "name": "46323",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46323"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://plone.org/products/plone/security/advisories/20110928"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://plone.org/products/plone-hotfix/releases/20110928"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-09-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-19T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
        },
        {
          "name": "46221",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46221"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
        },
        {
          "name": "46323",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46323"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://plone.org/products/plone/security/advisories/20110928"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://plone.org/products/plone-hotfix/releases/20110928"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-3587",
    "datePublished": "2011-10-10T10:00:00",
    "dateReserved": "2011-09-21T00:00:00",
    "dateUpdated": "2024-08-06T23:37:48.380Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E08F4534-A588-463F-A745-39E559AB1CB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B64341BA-5722-415E-9771-9837168AB7C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2929227-AE19-428D-9AC3-D312A559039B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B6DC866-0FEE-475B-855C-A69E004810CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50BF3E8E-152C-4E89-BAA2-A952D10F4611\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49DB97A7-89DD-43C0-A490-84AA7069764B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1F88BF6-9058-4CB8-A2D6-5653860CF489\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2AA3FA2-15C3-444A-8810-5EF3E0E84D58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72F3B15A-CD0F-4CC5-A76F-E62637B30E2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C44B53B-953B-4522-A5B4-11573850D2CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F1818BB-E23A-4136-898D-1D0C80C08728\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2a1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CA5A1E3-EC1E-482D-B074-1304FBF963F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2a2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DE6064F-67CC-4DA5-A4A8-D9E1F701B1A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2704CA8B-2AB3-48C7-85DC-66F9AD667E0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*\", \"matchCriteriaId\": \"020F418B-589E-4864-89DB-29AAFBF41491\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCE1948E-7DA4-4F5B-8BE0-6F775356F286\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*\", \"matchCriteriaId\": \"44497A5B-01FC-4931-A478-5BC1C0E2E155\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*\", \"matchCriteriaId\": \"D53DE247-B6F9-43B5-A1C8-631183AF5FC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F6993A9-74C2-443B-8C58-FA5BA972573C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*\", \"matchCriteriaId\": \"029814EB-380B-4DE5-8E79-7DA8D3C78C04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA8E46A4-1706-4E2D-9353-3E7F9C70E405\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFF98E8F-3D3D-477E-A750-59C26156FD1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB0F8805-2E74-40F6-BAE1-DB8187043611\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD3A0116-BDE0-490A-8CE6-0B4B0E003887\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73D8DF4A-46E9-4D1F-88DF-2C0EB274B280\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCB94584-6842-429F-A5E5-DFB3037B1DD3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A3CB9CA-8F81-4E9B-B334-83D28DFBB44D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0262630B-153C-47D8-A852-ADCADED1B4B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B5E37A4-EE2F-4DCA-928F-553EDD487A09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DD494AD-C46F-455E-941B-8B6135EB3566\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B485846-EC9D-426C-BFE0-A9E647D6C65D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E814BB0A-D5D3-4756-8135-0A7EFF9D8538\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A638BB63-7F91-4A5E-9FEC-C19E2A585CB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98FD488D-8C25-4553-8F3E-E4AEACCBD23F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"821C6F9D-B9F5-4525-870C-1F57943B008C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BB9641A-97D9-4AC7-85F8-1604D5EBFECC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0F5B68D-E59B-4605-869D-7FD5CCD7C6B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14D1EA26-9BB1-4917-94BC-2E08864770FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EEB553C-21A6-4670-A37A-C2A7D360512D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5767213A-DD93-4FDF-9E0E-B90814D71BC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89E07BBF-DDAC-46E0-85E5-EAF01C8D3747\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.12.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46DF34B7-E1E9-4A28-B5D3-8ACDA2B0DDBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9050973E-3A55-4601-B03E-138C3187F858\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B7A80F2-F98D-4147-971D-C0C8CC61171A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*\", \"matchCriteriaId\": \"20900397-13D4-423F-B34A-B9CF7E664290\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D678FB1-C5EB-49DF-BAAD-81BB12AAA9A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*\", \"matchCriteriaId\": \"4894BEE3-918A-4391-8EEC-37A5C0037E6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE1ADEFB-09F4-4677-853D-670AC646C319\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BB1F4C5-4F42-40F5-9180-ED60257BD7BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1CD5888-B251-40B4-AF2D-F84ADCA66ABE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68EAFD75-6FA4-44D4-8F7E-4A1ADE2FE48C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6623BA51-B166-41B6-A5AD-8230AD866B76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9FE75C9-A9F0-40DB-B808-EC6015DE6613\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C04B10C-5E7F-4FB8-9EF0-A27C7E1B938A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D23B7F57-303C-41CE-8183-BE98799CB725\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C42775B2-DF65-4CFE-9D75-4718AE19F994\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58756ADE-20C0-42E3-8732-CADF383D42C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0E75387-929B-44C0-BC03-EA3B89B724D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:zope:zope:2.13.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFD7C03B-191C-414D-961D-A572481ACA19\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en Zope v2.12.x y v2.13.x, tal como se usa en Plone v4.0.x hasta v4.0.9., v4.1, y v4.2 hasta v4.2a2, permite a atacantes remotos ejecutar comandos de su elecci\\u00f3n a trav\\u00e9s de vectores relacionados con el p_ class en OFS/misc_.py y el uso de m\\u00f3dulos Python.\"}]",
      "id": "CVE-2011-3587",
      "lastModified": "2024-11-21T01:30:48.157",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-10-10T10:55:06.787",
      "references": "[{\"url\": \"http://plone.org/products/plone-hotfix/releases/20110928\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://plone.org/products/plone/security/advisories/20110928\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://secunia.com/advisories/46221\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/46323\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=742297\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://plone.org/products/plone-hotfix/releases/20110928\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://plone.org/products/plone/security/advisories/20110928\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://secunia.com/advisories/46221\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/46323\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=742297\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-3587\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-10-10T10:55:06.787\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en Zope v2.12.x y v2.13.x, tal como se usa en Plone v4.0.x hasta v4.0.9., v4.1, y v4.2 hasta v4.2a2, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de vectores relacionados con el p_ class en OFS/misc_.py y el uso de m\u00f3dulos Python.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08F4534-A588-463F-A745-39E559AB1CB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B64341BA-5722-415E-9771-9837168AB7C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2929227-AE19-428D-9AC3-D312A559039B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B6DC866-0FEE-475B-855C-A69E004810CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50BF3E8E-152C-4E89-BAA2-A952D10F4611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DB97A7-89DD-43C0-A490-84AA7069764B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F88BF6-9058-4CB8-A2D6-5653860CF489\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2AA3FA2-15C3-444A-8810-5EF3E0E84D58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72F3B15A-CD0F-4CC5-A76F-E62637B30E2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C44B53B-953B-4522-A5B4-11573850D2CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F1818BB-E23A-4136-898D-1D0C80C08728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2a1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CA5A1E3-EC1E-482D-B074-1304FBF963F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2a2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DE6064F-67CC-4DA5-A4A8-D9E1F701B1A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2704CA8B-2AB3-48C7-85DC-66F9AD667E0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*\",\"matchCriteriaId\":\"020F418B-589E-4864-89DB-29AAFBF41491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCE1948E-7DA4-4F5B-8BE0-6F775356F286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*\",\"matchCriteriaId\":\"44497A5B-01FC-4931-A478-5BC1C0E2E155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D53DE247-B6F9-43B5-A1C8-631183AF5FC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F6993A9-74C2-443B-8C58-FA5BA972573C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"029814EB-380B-4DE5-8E79-7DA8D3C78C04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA8E46A4-1706-4E2D-9353-3E7F9C70E405\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFF98E8F-3D3D-477E-A750-59C26156FD1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB0F8805-2E74-40F6-BAE1-DB8187043611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD3A0116-BDE0-490A-8CE6-0B4B0E003887\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73D8DF4A-46E9-4D1F-88DF-2C0EB274B280\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCB94584-6842-429F-A5E5-DFB3037B1DD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A3CB9CA-8F81-4E9B-B334-83D28DFBB44D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0262630B-153C-47D8-A852-ADCADED1B4B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B5E37A4-EE2F-4DCA-928F-553EDD487A09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DD494AD-C46F-455E-941B-8B6135EB3566\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B485846-EC9D-426C-BFE0-A9E647D6C65D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E814BB0A-D5D3-4756-8135-0A7EFF9D8538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A638BB63-7F91-4A5E-9FEC-C19E2A585CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98FD488D-8C25-4553-8F3E-E4AEACCBD23F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821C6F9D-B9F5-4525-870C-1F57943B008C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BB9641A-97D9-4AC7-85F8-1604D5EBFECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0F5B68D-E59B-4605-869D-7FD5CCD7C6B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14D1EA26-9BB1-4917-94BC-2E08864770FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EEB553C-21A6-4670-A37A-C2A7D360512D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5767213A-DD93-4FDF-9E0E-B90814D71BC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89E07BBF-DDAC-46E0-85E5-EAF01C8D3747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.12.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46DF34B7-E1E9-4A28-B5D3-8ACDA2B0DDBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9050973E-3A55-4601-B03E-138C3187F858\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B7A80F2-F98D-4147-971D-C0C8CC61171A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*\",\"matchCriteriaId\":\"20900397-13D4-423F-B34A-B9CF7E664290\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D678FB1-C5EB-49DF-BAAD-81BB12AAA9A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4894BEE3-918A-4391-8EEC-37A5C0037E6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1ADEFB-09F4-4677-853D-670AC646C319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BB1F4C5-4F42-40F5-9180-ED60257BD7BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1CD5888-B251-40B4-AF2D-F84ADCA66ABE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68EAFD75-6FA4-44D4-8F7E-4A1ADE2FE48C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6623BA51-B166-41B6-A5AD-8230AD866B76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9FE75C9-A9F0-40DB-B808-EC6015DE6613\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C04B10C-5E7F-4FB8-9EF0-A27C7E1B938A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D23B7F57-303C-41CE-8183-BE98799CB725\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C42775B2-DF65-4CFE-9D75-4718AE19F994\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58756ADE-20C0-42E3-8732-CADF383D42C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E75387-929B-44C0-BC03-EA3B89B724D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zope:zope:2.13.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD7C03B-191C-414D-961D-A572481ACA19\"}]}]}],\"references\":[{\"url\":\"http://plone.org/products/plone-hotfix/releases/20110928\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://plone.org/products/plone/security/advisories/20110928\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/46221\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/46323\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=742297\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://plone.org/products/plone-hotfix/releases/20110928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://plone.org/products/plone/security/advisories/20110928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/46221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/46323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=742297\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}

GSD-2011-3587

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-3587

Aliases

CVE-2011-3587

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-3587",
    "description": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.",
    "id": "GSD-2011-3587",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2011-3587"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-3587"
      ],
      "details": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.",
      "id": "GSD-2011-3587",
      "modified": "2023-12-13T01:19:09.452395Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2011-3587",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://plone.org/products/plone-hotfix/releases/20110928",
            "refsource": "MISC",
            "url": "http://plone.org/products/plone-hotfix/releases/20110928"
          },
          {
            "name": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip",
            "refsource": "MISC",
            "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
          },
          {
            "name": "http://plone.org/products/plone/security/advisories/20110928",
            "refsource": "MISC",
            "url": "http://plone.org/products/plone/security/advisories/20110928"
          },
          {
            "name": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0",
            "refsource": "MISC",
            "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
          },
          {
            "name": "http://secunia.com/advisories/46221",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/46221"
          },
          {
            "name": "http://secunia.com/advisories/46323",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/46323"
          },
          {
            "name": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587",
            "refsource": "MISC",
            "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=742297",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.2a2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.2a1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zope:zope:2.13.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-3587"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=742297",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
            },
            {
              "name": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
            },
            {
              "name": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
            },
            {
              "name": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
            },
            {
              "name": "http://plone.org/products/plone/security/advisories/20110928",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://plone.org/products/plone/security/advisories/20110928"
            },
            {
              "name": "46221",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/46221"
            },
            {
              "name": "http://plone.org/products/plone-hotfix/releases/20110928",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://plone.org/products/plone-hotfix/releases/20110928"
            },
            {
              "name": "46323",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/46323"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2011-10-21T02:56Z",
      "publishedDate": "2011-10-10T10:55Z"
    }
  }
}

CERTA-2011-AVI-548

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans Zope permet à un utilisateur non authentifié d'exécuter du code arbitraire à distance.

Description

Une requête spécialement construite permet à un utilisateur distant non authentifié d'exécuter du code arbitraire à distance avec les droits du serveur Plone ou Zope.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Plone 4.x ;
	N/A	N/A	Zope 2.12.x et 2.13.x.

References

Title

Publication Time

Tags

Bulletin de sécurité Plone du 04 octobre 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Plone 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Zope 2.12.x et 2.13.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne requ\u00eate sp\u00e9cialement construite permet \u00e0 un utilisateur distant non\nauthentifi\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance avec les droits du\nserveur Plone ou Zope.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-3587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3587"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-548",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans Zope permet \u00e0 un utilisateur non authentifi\u00e9\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Plone et Zope",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Plone du 04 octobre 2011",
      "url": "http://plone.org/products/plone/security/advisories/20110928"
    }
  ]
}

CERTA-2011-AVI-548

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans Zope permet à un utilisateur non authentifié d'exécuter du code arbitraire à distance.

Description

Une requête spécialement construite permet à un utilisateur distant non authentifié d'exécuter du code arbitraire à distance avec les droits du serveur Plone ou Zope.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Plone 4.x ;
	N/A	N/A	Zope 2.12.x et 2.13.x.

References

Title

Publication Time

Tags

Bulletin de sécurité Plone du 04 octobre 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Plone 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Zope 2.12.x et 2.13.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne requ\u00eate sp\u00e9cialement construite permet \u00e0 un utilisateur distant non\nauthentifi\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance avec les droits du\nserveur Plone ou Zope.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-3587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3587"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-548",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans Zope permet \u00e0 un utilisateur non authentifi\u00e9\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Plone et Zope",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Plone du 04 octobre 2011",
      "url": "http://plone.org/products/plone/security/advisories/20110928"
    }
  ]
}

FKIE_CVE-2011-3587

Vulnerability from fkie_nvd - Published: 2011-10-10 10:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://plone.org/products/plone-hotfix/releases/20110928	Patch
secalert@redhat.com	http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip	Patch
secalert@redhat.com	http://plone.org/products/plone/security/advisories/20110928	Patch, Vendor Advisory
secalert@redhat.com	http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0	Patch
secalert@redhat.com	http://secunia.com/advisories/46221	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/46323
secalert@redhat.com	http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587	Patch
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=742297	Patch
af854a3a-2127-422b-91ae-364da2661108	http://plone.org/products/plone-hotfix/releases/20110928	Patch
af854a3a-2127-422b-91ae-364da2661108	http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip	Patch
af854a3a-2127-422b-91ae-364da2661108	http://plone.org/products/plone/security/advisories/20110928	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46221	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46323
af854a3a-2127-422b-91ae-364da2661108	http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587	Patch
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=742297	Patch

Impacted products

Vendor	Product	Version
plone	plone	4.0
plone	plone	4.0.1
plone	plone	4.0.2
plone	plone	4.0.3
plone	plone	4.0.4
plone	plone	4.0.5
plone	plone	4.0.6.1
plone	plone	4.0.7
plone	plone	4.0.8
plone	plone	4.0.9
plone	plone	4.1
plone	plone	4.2
plone	plone	4.2a1
plone	plone	4.2a2
zope	zope	2.12.0
zope	zope	2.12.0
zope	zope	2.12.0
zope	zope	2.12.0
zope	zope	2.12.0
zope	zope	2.12.0
zope	zope	2.12.0
zope	zope	2.12.0
zope	zope	2.12.0
zope	zope	2.12.1
zope	zope	2.12.2
zope	zope	2.12.3
zope	zope	2.12.4
zope	zope	2.12.5
zope	zope	2.12.6
zope	zope	2.12.7
zope	zope	2.12.8
zope	zope	2.12.9
zope	zope	2.12.10
zope	zope	2.12.11
zope	zope	2.12.12
zope	zope	2.12.13
zope	zope	2.12.14
zope	zope	2.12.15
zope	zope	2.12.16
zope	zope	2.12.17
zope	zope	2.12.18
zope	zope	2.12.19
zope	zope	2.12.20
zope	zope	2.13.0
zope	zope	2.13.0
zope	zope	2.13.0
zope	zope	2.13.0
zope	zope	2.13.0
zope	zope	2.13.0
zope	zope	2.13.0
zope	zope	2.13.1
zope	zope	2.13.2
zope	zope	2.13.3
zope	zope	2.13.4
zope	zope	2.13.5
zope	zope	2.13.6
zope	zope	2.13.7
zope	zope	2.13.8
zope	zope	2.13.9
zope	zope	2.13.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E08F4534-A588-463F-A745-39E559AB1CB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B64341BA-5722-415E-9771-9837168AB7C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2929227-AE19-428D-9AC3-D312A559039B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B6DC866-0FEE-475B-855C-A69E004810CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "50BF3E8E-152C-4E89-BAA2-A952D10F4611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49DB97A7-89DD-43C0-A490-84AA7069764B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1F88BF6-9058-4CB8-A2D6-5653860CF489",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2AA3FA2-15C3-444A-8810-5EF3E0E84D58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "72F3B15A-CD0F-4CC5-A76F-E62637B30E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C44B53B-953B-4522-A5B4-11573850D2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F1818BB-E23A-4136-898D-1D0C80C08728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.2a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA5A1E3-EC1E-482D-B074-1304FBF963F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:plone:plone:4.2a2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DE6064F-67CC-4DA5-A4A8-D9E1F701B1A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2704CA8B-2AB3-48C7-85DC-66F9AD667E0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*",
              "matchCriteriaId": "020F418B-589E-4864-89DB-29AAFBF41491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*",
              "matchCriteriaId": "FCE1948E-7DA4-4F5B-8BE0-6F775356F286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*",
              "matchCriteriaId": "44497A5B-01FC-4931-A478-5BC1C0E2E155",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*",
              "matchCriteriaId": "D53DE247-B6F9-43B5-A1C8-631183AF5FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "0F6993A9-74C2-443B-8C58-FA5BA972573C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*",
              "matchCriteriaId": "029814EB-380B-4DE5-8E79-7DA8D3C78C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*",
              "matchCriteriaId": "BA8E46A4-1706-4E2D-9353-3E7F9C70E405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*",
              "matchCriteriaId": "CFF98E8F-3D3D-477E-A750-59C26156FD1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB0F8805-2E74-40F6-BAE1-DB8187043611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD3A0116-BDE0-490A-8CE6-0B4B0E003887",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D8DF4A-46E9-4D1F-88DF-2C0EB274B280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB94584-6842-429F-A5E5-DFB3037B1DD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3CB9CA-8F81-4E9B-B334-83D28DFBB44D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0262630B-153C-47D8-A852-ADCADED1B4B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B5E37A4-EE2F-4DCA-928F-553EDD487A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD494AD-C46F-455E-941B-8B6135EB3566",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B485846-EC9D-426C-BFE0-A9E647D6C65D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E814BB0A-D5D3-4756-8135-0A7EFF9D8538",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "A638BB63-7F91-4A5E-9FEC-C19E2A585CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "98FD488D-8C25-4553-8F3E-E4AEACCBD23F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "821C6F9D-B9F5-4525-870C-1F57943B008C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BB9641A-97D9-4AC7-85F8-1604D5EBFECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0F5B68D-E59B-4605-869D-7FD5CCD7C6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D1EA26-9BB1-4917-94BC-2E08864770FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EEB553C-21A6-4670-A37A-C2A7D360512D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5767213A-DD93-4FDF-9E0E-B90814D71BC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E07BBF-DDAC-46E0-85E5-EAF01C8D3747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.12.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "46DF34B7-E1E9-4A28-B5D3-8ACDA2B0DDBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9050973E-3A55-4601-B03E-138C3187F858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*",
              "matchCriteriaId": "9B7A80F2-F98D-4147-971D-C0C8CC61171A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*",
              "matchCriteriaId": "20900397-13D4-423F-B34A-B9CF7E664290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*",
              "matchCriteriaId": "9D678FB1-C5EB-49DF-BAAD-81BB12AAA9A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*",
              "matchCriteriaId": "4894BEE3-918A-4391-8EEC-37A5C0037E6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "AE1ADEFB-09F4-4677-853D-670AC646C319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*",
              "matchCriteriaId": "5BB1F4C5-4F42-40F5-9180-ED60257BD7BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1CD5888-B251-40B4-AF2D-F84ADCA66ABE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "68EAFD75-6FA4-44D4-8F7E-4A1ADE2FE48C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6623BA51-B166-41B6-A5AD-8230AD866B76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9FE75C9-A9F0-40DB-B808-EC6015DE6613",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C04B10C-5E7F-4FB8-9EF0-A27C7E1B938A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23B7F57-303C-41CE-8183-BE98799CB725",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C42775B2-DF65-4CFE-9D75-4718AE19F994",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "58756ADE-20C0-42E3-8732-CADF383D42C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0E75387-929B-44C0-BC03-EA3B89B724D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zope:zope:2.13.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD7C03B-191C-414D-961D-A572481ACA19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Zope v2.12.x y v2.13.x, tal como se usa en Plone v4.0.x hasta v4.0.9., v4.1, y v4.2 hasta v4.2a2, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de vectores relacionados con el p_ class en OFS/misc_.py y el uso de m\u00f3dulos Python."
    }
  ],
  "id": "CVE-2011-3587",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-10-10T10:55:06.787",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://plone.org/products/plone-hotfix/releases/20110928"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://plone.org/products/plone/security/advisories/20110928"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46221"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/46323"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://plone.org/products/plone-hotfix/releases/20110928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://plone.org/products/plone/security/advisories/20110928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-8W48-M6HX-RJW2

Vulnerability from github – Published: 2022-05-17 05:37 – Updated: 2024-11-22 20:15

Summary

Zope Command Execution Vulnerability

Details

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "zope2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.12.0"
            },
            {
              "fixed": "2.12.20"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "zope2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.13.0"
            },
            {
              "fixed": "2.13.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2011-3587"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-15T18:14:23Z",
    "nvd_published_at": "2011-10-10T10:55:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the `p_` class in `OFS/misc_.py` and the use of Python modules.",
  "id": "GHSA-8w48-m6hx-rjw2",
  "modified": "2024-11-22T20:15:48Z",
  "published": "2022-05-17T05:37:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3587"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zopefoundation/Zope/commit/491a583d8c6622b80c75917e5017c4bb4b15e477"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zopefoundation/Zope/commit/6bb2fb3c04a76b00bec9bd7c069733e06fa6ebe9"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/products-plonehotfix20110928/PYSEC-2011-26.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/zopefoundation/Zope"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20111013043934/http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
    },
    {
      "type": "WEB",
      "url": "http://plone.org/products/plone-hotfix/releases/20110928"
    },
    {
      "type": "WEB",
      "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
    },
    {
      "type": "WEB",
      "url": "http://plone.org/products/plone/security/advisories/20110928"
    },
    {
      "type": "WEB",
      "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
    },
    {
      "type": "WEB",
      "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Zope Command Execution Vulnerability"
}

PYSEC-2011-26

Vulnerability from pysec - Published: 2011-10-10 10:55 - Updated: 2024-11-21 14:22

Details

Impacted products

Name	purl
products-plonehotfix20110928	pkg:pypi/products-plonehotfix20110928

Aliases

CVE-2011-3587

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "products-plonehotfix20110928",
        "purl": "pkg:pypi/products-plonehotfix20110928"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.0",
        "1.1"
      ]
    }
  ],
  "aliases": [
    "CVE-2011-3587"
  ],
  "details": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.",
  "id": "PYSEC-2011-26",
  "modified": "2024-11-21T14:22:59.154748Z",
  "published": "2011-10-10T10:55:00Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
    },
    {
      "type": "FIX",
      "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
    },
    {
      "type": "FIX",
      "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
    },
    {
      "type": "FIX",
      "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
    },
    {
      "type": "FIX",
      "url": "http://plone.org/products/plone/security/advisories/20110928"
    },
    {
      "type": "ADVISORY",
      "url": "http://plone.org/products/plone/security/advisories/20110928"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/46221"
    },
    {
      "type": "FIX",
      "url": "http://plone.org/products/plone-hotfix/releases/20110928"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/46323"
    }
  ],
  "withdrawn": "2024-11-22T04:37:05Z"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-3587 (GCVE-0-2011-3587)

GSD-2011-3587

CERTA-2011-AVI-548

Description

Solution

CERTA-2011-AVI-548

Description

Solution

FKIE_CVE-2011-3587

GHSA-8W48-M6HX-RJW2

PYSEC-2011-26

Tags

Sightings

Nomenclature