CVE-2011-3587

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
ploneplone
4.0
ploneplone
4.0.1
ploneplone
4.0.2
ploneplone
4.0.3
ploneplone
4.0.4
ploneplone
4.0.5
ploneplone
4.0.6.1
ploneplone
4.0.7
ploneplone
4.0.8
ploneplone
4.0.9
ploneplone
4.1
ploneplone
4.2
ploneplone
4.2a1:a1
ploneplone
4.2a2:a2
zopezope
2.12.0
zopezope
2.12.0:a1
zopezope
2.12.0:a2
zopezope
2.12.0:a3
zopezope
2.12.0:a4
zopezope
2.12.0:b1
zopezope
2.12.0:b2
zopezope
2.12.0:b3
zopezope
2.12.0:b4
zopezope
2.12.1
zopezope
2.12.2
zopezope
2.12.3
zopezope
2.12.4
zopezope
2.12.5
zopezope
2.12.6
zopezope
2.12.7
zopezope
2.12.8
zopezope
2.12.9
zopezope
2.12.10
zopezope
2.12.11
zopezope
2.12.12
zopezope
2.12.13
zopezope
2.12.14
zopezope
2.12.15
zopezope
2.12.16
zopezope
2.12.17
zopezope
2.12.18
zopezope
2.12.19
zopezope
2.12.20
zopezope
2.13.0
zopezope
2.13.0:a1
zopezope
2.13.0:a2
zopezope
2.13.0:a3
zopezope
2.13.0:a4
zopezope
2.13.0:b1
zopezope
2.13.0:c1
zopezope
2.13.1
zopezope
2.13.2
zopezope
2.13.3
zopezope
2.13.4
zopezope
2.13.5
zopezope
2.13.6
zopezope
2.13.7
zopezope
2.13.8
zopezope
2.13.9
zopezope
2.13.10
𝑥
= Vulnerable software versions
References
http://plone.org/products/plone-hotfix/releases/20110928
http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip
http://plone.org/products/plone/security/advisories/20110928
http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0
http://secunia.com/advisories/46221
http://secunia.com/advisories/46323
http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587
https://bugzilla.redhat.com/show_bug.cgi?id=742297
http://plone.org/products/plone-hotfix/releases/20110928
http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip
http://plone.org/products/plone/security/advisories/20110928
http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0
http://secunia.com/advisories/46221
http://secunia.com/advisories/46323
http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587
https://bugzilla.redhat.com/show_bug.cgi?id=742297