ID:4107 - Exploit for Input validation error in Zope - CVE-2011-3587

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:4107 - Exploit for Input validation error in Zope - CVE-2011-3587

ID:4107 - Exploit for Input validation error in Zope - CVE-2011-3587

Published: August 11, 2020


Vulnerability identifier: #VU44631
Vulnerability risk: High
CVE-ID: CVE-2011-3587
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
Zope

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.


Remediation

Install update from vendor's website.