CVE-2007-5741

Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.
Configurations

Configuration 1

cpe:2.3:a:plone:plone:2.5_beta1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:2.5.1_rc:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*

Information

Published : 2007-11-07 09:46

Updated : 2018-10-15 09:46


NVD link : CVE-2007-5741

Mitre link : CVE-2007-5741

Products Affected
No products.
CWE