CyberSec.Space Logo
返回 CVE 浏览器

CVE-2011-3587

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0370%
EPSS Percentile29.72th
Published2011年10月10日
Last Modified2026年4月29日

Vulnerability Description

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

Affected Platforms (CPE)

📦
Plone

Plone

= 4.0
📦
Plone

Plone

= 4.0.1
📦
Plone

Plone

= 4.0.2
📦
Plone

Plone

= 4.0.3
📦
Plone

Plone

= 4.0.4
📦
Plone

Plone

= 4.0.5
📦
Plone

Plone

= 4.0.6.1
📦
Plone

Plone

= 4.0.7
📦
Plone

Plone

= 4.0.8
📦
Plone

Plone

= 4.0.9
📦
Plone

Plone

= 4.1
📦
Plone

Plone

= 4.2
📦
Plone

Plone

= 4.2a1
📦
Plone

Plone

= 4.2a2
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.0
📦
Zope

Zope

= 2.12.1
📦
Zope

Zope

= 2.12.2
📦
Zope

Zope

= 2.12.3
📦
Zope

Zope

= 2.12.4
📦
Zope

Zope

= 2.12.5
📦
Zope

Zope

= 2.12.6
📦
Zope

Zope

= 2.12.7
📦
Zope

Zope

= 2.12.8
📦
Zope

Zope

= 2.12.9
📦
Zope

Zope

= 2.12.10
📦
Zope

Zope

= 2.12.11
📦
Zope

Zope

= 2.12.12
📦
Zope

Zope

= 2.12.13
📦
Zope

Zope

= 2.12.14
📦
Zope

Zope

= 2.12.15
📦
Zope

Zope

= 2.12.16
📦
Zope

Zope

= 2.12.17
📦
Zope

Zope

= 2.12.18
📦
Zope

Zope

= 2.12.19
📦
Zope

Zope

= 2.12.20
📦
Zope

Zope

= 2.13.0
📦
Zope

Zope

= 2.13.0
📦
Zope

Zope

= 2.13.0
📦
Zope

Zope

= 2.13.0
📦
Zope

Zope

= 2.13.0
📦
Zope

Zope

= 2.13.0
📦
Zope

Zope

= 2.13.0
📦
Zope

Zope

= 2.13.1
📦
Zope

Zope

= 2.13.2
📦
Zope

Zope

= 2.13.3
📦
Zope

Zope

= 2.13.4
📦
Zope

Zope

= 2.13.5
📦
Zope

Zope

= 2.13.6
📦
Zope

Zope

= 2.13.7
📦
Zope

Zope

= 2.13.8
📦
Zope

Zope

= 2.13.9
📦
Zope

Zope

= 2.13.10

References & Advisories

🔗 http://plone.org/products/plone-hotfix/releases/20110928
🔗 http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip
🔗 http://plone.org/products/plone/security/advisories/20110928
🔗 http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0
🔗 http://secunia.com/advisories/46221
🔗 http://secunia.com/advisories/46323
🔗 http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=742297

相关漏洞威胁

CVE-2008-139310.0

Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded form of the username and password in the __ac cookie for...

CVE-2021-335099.9

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText...

CVE-2020-79419.8

A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content wit...

CVE-2020-351909.8

The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank password for a root user. Syste...