CVE-2011-3587

Advisory

[This advisory has been limited. Please create a free account to view the full advisory.]

Affected package

Affected versions

[This affected versions has been limited. Please create a free account to view the full affected versions.]

Fixed versions

[This fixed versions has been limited. Please create a free account to view the full fixed versions.]

Vulnerability changelog

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

Resources

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3587
• https://bugzilla.redhat.com/show_bug.cgi?id=742297
• http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587
• http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip
• http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0
• http://plone.org/products/plone/security/advisories/20110928
• http://secunia.com/advisories/46221
• http://plone.org/products/plone-hotfix/releases/20110928
• http://secunia.com/advisories/46323