FKIE_CVE-2011-3587
Vulnerability from fkie_nvd - Published: 2011-10-10 10:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| plone | plone | 4.0 | |
| plone | plone | 4.0.1 | |
| plone | plone | 4.0.2 | |
| plone | plone | 4.0.3 | |
| plone | plone | 4.0.4 | |
| plone | plone | 4.0.5 | |
| plone | plone | 4.0.6.1 | |
| plone | plone | 4.0.7 | |
| plone | plone | 4.0.8 | |
| plone | plone | 4.0.9 | |
| plone | plone | 4.1 | |
| plone | plone | 4.2 | |
| plone | plone | 4.2a1 | |
| plone | plone | 4.2a2 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.0 | |
| zope | zope | 2.12.1 | |
| zope | zope | 2.12.2 | |
| zope | zope | 2.12.3 | |
| zope | zope | 2.12.4 | |
| zope | zope | 2.12.5 | |
| zope | zope | 2.12.6 | |
| zope | zope | 2.12.7 | |
| zope | zope | 2.12.8 | |
| zope | zope | 2.12.9 | |
| zope | zope | 2.12.10 | |
| zope | zope | 2.12.11 | |
| zope | zope | 2.12.12 | |
| zope | zope | 2.12.13 | |
| zope | zope | 2.12.14 | |
| zope | zope | 2.12.15 | |
| zope | zope | 2.12.16 | |
| zope | zope | 2.12.17 | |
| zope | zope | 2.12.18 | |
| zope | zope | 2.12.19 | |
| zope | zope | 2.12.20 | |
| zope | zope | 2.13.0 | |
| zope | zope | 2.13.0 | |
| zope | zope | 2.13.0 | |
| zope | zope | 2.13.0 | |
| zope | zope | 2.13.0 | |
| zope | zope | 2.13.0 | |
| zope | zope | 2.13.0 | |
| zope | zope | 2.13.1 | |
| zope | zope | 2.13.2 | |
| zope | zope | 2.13.3 | |
| zope | zope | 2.13.4 | |
| zope | zope | 2.13.5 | |
| zope | zope | 2.13.6 | |
| zope | zope | 2.13.7 | |
| zope | zope | 2.13.8 | |
| zope | zope | 2.13.9 | |
| zope | zope | 2.13.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E08F4534-A588-463F-A745-39E559AB1CB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B64341BA-5722-415E-9771-9837168AB7C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2929227-AE19-428D-9AC3-D312A559039B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6DC866-0FEE-475B-855C-A69E004810CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "50BF3E8E-152C-4E89-BAA2-A952D10F4611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49DB97A7-89DD-43C0-A490-84AA7069764B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F88BF6-9058-4CB8-A2D6-5653860CF489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3FA2-15C3-444A-8810-5EF3E0E84D58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "72F3B15A-CD0F-4CC5-A76F-E62637B30E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C44B53B-953B-4522-A5B4-11573850D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1818BB-E23A-4136-898D-1D0C80C08728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.2a1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA5A1E3-EC1E-482D-B074-1304FBF963F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:plone:plone:4.2a2:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE6064F-67CC-4DA5-A4A8-D9E1F701B1A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2704CA8B-2AB3-48C7-85DC-66F9AD667E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*",
"matchCriteriaId": "020F418B-589E-4864-89DB-29AAFBF41491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*",
"matchCriteriaId": "FCE1948E-7DA4-4F5B-8BE0-6F775356F286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*",
"matchCriteriaId": "44497A5B-01FC-4931-A478-5BC1C0E2E155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*",
"matchCriteriaId": "D53DE247-B6F9-43B5-A1C8-631183AF5FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "0F6993A9-74C2-443B-8C58-FA5BA972573C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "029814EB-380B-4DE5-8E79-7DA8D3C78C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "BA8E46A4-1706-4E2D-9353-3E7F9C70E405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "CFF98E8F-3D3D-477E-A750-59C26156FD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0F8805-2E74-40F6-BAE1-DB8187043611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD3A0116-BDE0-490A-8CE6-0B4B0E003887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "73D8DF4A-46E9-4D1F-88DF-2C0EB274B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB94584-6842-429F-A5E5-DFB3037B1DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3CB9CA-8F81-4E9B-B334-83D28DFBB44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0262630B-153C-47D8-A852-ADCADED1B4B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8B5E37A4-EE2F-4DCA-928F-553EDD487A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD494AD-C46F-455E-941B-8B6135EB3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1B485846-EC9D-426C-BFE0-A9E647D6C65D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E814BB0A-D5D3-4756-8135-0A7EFF9D8538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A638BB63-7F91-4A5E-9FEC-C19E2A585CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*",
"matchCriteriaId": "98FD488D-8C25-4553-8F3E-E4AEACCBD23F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*",
"matchCriteriaId": "821C6F9D-B9F5-4525-870C-1F57943B008C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4BB9641A-97D9-4AC7-85F8-1604D5EBFECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*",
"matchCriteriaId": "C0F5B68D-E59B-4605-869D-7FD5CCD7C6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*",
"matchCriteriaId": "14D1EA26-9BB1-4917-94BC-2E08864770FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEB553C-21A6-4670-A37A-C2A7D360512D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5767213A-DD93-4FDF-9E0E-B90814D71BC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.19:*:*:*:*:*:*:*",
"matchCriteriaId": "89E07BBF-DDAC-46E0-85E5-EAF01C8D3747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.12.20:*:*:*:*:*:*:*",
"matchCriteriaId": "46DF34B7-E1E9-4A28-B5D3-8ACDA2B0DDBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9050973E-3A55-4601-B03E-138C3187F858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*",
"matchCriteriaId": "9B7A80F2-F98D-4147-971D-C0C8CC61171A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*",
"matchCriteriaId": "20900397-13D4-423F-B34A-B9CF7E664290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*",
"matchCriteriaId": "9D678FB1-C5EB-49DF-BAAD-81BB12AAA9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*",
"matchCriteriaId": "4894BEE3-918A-4391-8EEC-37A5C0037E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "AE1ADEFB-09F4-4677-853D-670AC646C319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*",
"matchCriteriaId": "5BB1F4C5-4F42-40F5-9180-ED60257BD7BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CD5888-B251-40B4-AF2D-F84ADCA66ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68EAFD75-6FA4-44D4-8F7E-4A1ADE2FE48C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6623BA51-B166-41B6-A5AD-8230AD866B76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FE75C9-A9F0-40DB-B808-EC6015DE6613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C04B10C-5E7F-4FB8-9EF0-A27C7E1B938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D23B7F57-303C-41CE-8183-BE98799CB725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C42775B2-DF65-4CFE-9D75-4718AE19F994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.8:*:*:*:*:*:*:*",
"matchCriteriaId": "58756ADE-20C0-42E3-8732-CADF383D42C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E75387-929B-44C0-BC03-EA3B89B724D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zope:zope:2.13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD7C03B-191C-414D-961D-A572481ACA19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Zope v2.12.x y v2.13.x, tal como se usa en Plone v4.0.x hasta v4.0.9., v4.1, y v4.2 hasta v4.2a2, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de vectores relacionados con el p_ class en OFS/misc_.py y el uso de m\u00f3dulos Python."
}
],
"id": "CVE-2011-3587",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-10-10T10:55:06.787",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://plone.org/products/plone/security/advisories/20110928"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46221"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/46323"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://plone.org/products/plone/security/advisories/20110928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…