Описание
Zope Command Execution Vulnerability
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-3587
- https://github.com/zopefoundation/Zope/commit/491a583d8c6622b80c75917e5017c4bb4b15e477
- https://github.com/zopefoundation/Zope/commit/6bb2fb3c04a76b00bec9bd7c069733e06fa6ebe9
- https://bugzilla.redhat.com/show_bug.cgi?id=742297
- https://github.com/pypa/advisory-database/tree/main/vulns/products-plonehotfix20110928/PYSEC-2011-26.yaml
- https://web.archive.org/web/20111013043934/http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587
- http://plone.org/products/plone-hotfix/releases/20110928
- http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip
- http://plone.org/products/plone/security/advisories/20110928
- http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0
- http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587
Пакеты
zope2
>= 2.12.0, < 2.12.20
2.12.20
zope2
>= 2.13.0, < 2.13.10
2.13.10
EPSS
CVE ID
Связанные уязвимости
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone ...
EPSS