{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-09-28T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-10-19T09:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"}, {"name": "46221", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46221"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"}, {"name": "46323", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46323"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://plone.org/products/plone/security/advisories/20110928"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://plone.org/products/plone-hotfix/releases/20110928"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-3587", "datePublished": "2011-10-10T10:00:00", "dateReserved": "2011-09-21T00:00:00", "dateUpdated": "2011-10-19T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E08F4534-A588-463F-A745-39E559AB1CB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B64341BA-5722-415E-9771-9837168AB7C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E2929227-AE19-428D-9AC3-D312A559039B", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3B6DC866-0FEE-475B-855C-A69E004810CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "50BF3E8E-152C-4E89-BAA2-A952D10F4611", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "49DB97A7-89DD-43C0-A490-84AA7069764B", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "F1F88BF6-9058-4CB8-A2D6-5653860CF489", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B2AA3FA2-15C3-444A-8810-5EF3E0E84D58", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "72F3B15A-CD0F-4CC5-A76F-E62637B30E2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C44B53B-953B-4522-A5B4-11573850D2CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "1F1818BB-E23A-4136-898D-1D0C80C08728", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.2a1:*:*:*:*:*:*:*", "matchCriteriaId": "3CA5A1E3-EC1E-482D-B074-1304FBF963F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:4.2a2:*:*:*:*:*:*:*", "matchCriteriaId": "1DE6064F-67CC-4DA5-A4A8-D9E1F701B1A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "2704CA8B-2AB3-48C7-85DC-66F9AD667E0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*", "matchCriteriaId": "020F418B-589E-4864-89DB-29AAFBF41491", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*", "matchCriteriaId": "FCE1948E-7DA4-4F5B-8BE0-6F775356F286", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*", "matchCriteriaId": "44497A5B-01FC-4931-A478-5BC1C0E2E155", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*", "matchCriteriaId": "D53DE247-B6F9-43B5-A1C8-631183AF5FC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*", "matchCriteriaId": "0F6993A9-74C2-443B-8C58-FA5BA972573C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*", "matchCriteriaId": "029814EB-380B-4DE5-8E79-7DA8D3C78C04", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*", "matchCriteriaId": "BA8E46A4-1706-4E2D-9353-3E7F9C70E405", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*", "matchCriteriaId": "CFF98E8F-3D3D-477E-A750-59C26156FD1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F8805-2E74-40F6-BAE1-DB8187043611", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD3A0116-BDE0-490A-8CE6-0B4B0E003887", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "73D8DF4A-46E9-4D1F-88DF-2C0EB274B280", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "CCB94584-6842-429F-A5E5-DFB3037B1DD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "6A3CB9CA-8F81-4E9B-B334-83D28DFBB44D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*", "matchCriteriaId": "0262630B-153C-47D8-A852-ADCADED1B4B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "8B5E37A4-EE2F-4DCA-928F-553EDD487A09", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "6DD494AD-C46F-455E-941B-8B6135EB3566", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*", "matchCriteriaId": "1B485846-EC9D-426C-BFE0-A9E647D6C65D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*", "matchCriteriaId": "E814BB0A-D5D3-4756-8135-0A7EFF9D8538", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*", "matchCriteriaId": "A638BB63-7F91-4A5E-9FEC-C19E2A585CB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*", "matchCriteriaId": "98FD488D-8C25-4553-8F3E-E4AEACCBD23F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*", "matchCriteriaId": "821C6F9D-B9F5-4525-870C-1F57943B008C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*", "matchCriteriaId": "4BB9641A-97D9-4AC7-85F8-1604D5EBFECC", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*", "matchCriteriaId": "C0F5B68D-E59B-4605-869D-7FD5CCD7C6B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*", "matchCriteriaId": "14D1EA26-9BB1-4917-94BC-2E08864770FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*", "matchCriteriaId": "8EEB553C-21A6-4670-A37A-C2A7D360512D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*", "matchCriteriaId": "5767213A-DD93-4FDF-9E0E-B90814D71BC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.19:*:*:*:*:*:*:*", "matchCriteriaId": "89E07BBF-DDAC-46E0-85E5-EAF01C8D3747", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.12.20:*:*:*:*:*:*:*", "matchCriteriaId": "46DF34B7-E1E9-4A28-B5D3-8ACDA2B0DDBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "9050973E-3A55-4601-B03E-138C3187F858", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*", "matchCriteriaId": "9B7A80F2-F98D-4147-971D-C0C8CC61171A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*", "matchCriteriaId": "20900397-13D4-423F-B34A-B9CF7E664290", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*", "matchCriteriaId": "9D678FB1-C5EB-49DF-BAAD-81BB12AAA9A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*", "matchCriteriaId": "4894BEE3-918A-4391-8EEC-37A5C0037E6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*", "matchCriteriaId": "AE1ADEFB-09F4-4677-853D-670AC646C319", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*", "matchCriteriaId": "5BB1F4C5-4F42-40F5-9180-ED60257BD7BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "E1CD5888-B251-40B4-AF2D-F84ADCA66ABE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "68EAFD75-6FA4-44D4-8F7E-4A1ADE2FE48C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*", "matchCriteriaId": "6623BA51-B166-41B6-A5AD-8230AD866B76", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "F9FE75C9-A9F0-40DB-B808-EC6015DE6613", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*", "matchCriteriaId": "5C04B10C-5E7F-4FB8-9EF0-A27C7E1B938A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*", "matchCriteriaId": "D23B7F57-303C-41CE-8183-BE98799CB725", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*", "matchCriteriaId": "C42775B2-DF65-4CFE-9D75-4718AE19F994", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.8:*:*:*:*:*:*:*", "matchCriteriaId": "58756ADE-20C0-42E3-8732-CADF383D42C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.9:*:*:*:*:*:*:*", "matchCriteriaId": "E0E75387-929B-44C0-BC03-EA3B89B724D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.13.10:*:*:*:*:*:*:*", "matchCriteriaId": "DFD7C03B-191C-414D-961D-A572481ACA19", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Zope v2.12.x y v2.13.x, tal como se usa en Plone v4.0.x hasta v4.0.9., v4.1, y v4.2 hasta v4.2a2, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de vectores relacionados con el p_ class en OFS/misc_.py y el uso de m\u00f3dulos Python."}], "id": "CVE-2011-3587", "lastModified": "2011-10-21T02:56:06.350", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-10-10T10:55:06.787", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://plone.org/products/plone-hotfix/releases/20110928"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://plone.org/products/plone/security/advisories/20110928"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46221"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/46323"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=742297"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}