CVE-2011-3587 Information

Description

Unspecified vulnerability in Zope 2.12.x and 2.13.x as used in Plone 4.0.x through 4.0.9 4.1 and 4.2 through 4.2a2 allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

Reference

http://plone.org/products/plone/security/advisories/20110928 http://plone.org/products/plone-hotfix/releases/20110928 http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0 http://secunia.com/advisories/46221 http://secunia.com/advisories/46323 http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587 https://bugzilla.redhat.com/show_bug.cgi?id=742297