mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-30 18:04:30 +00:00
107 lines
3.4 KiB
JSON
107 lines
3.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2007-5741",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "plone-pythoncode-execution(38288)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38288"
|
|
},
|
|
{
|
|
"name": "42071",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/42071"
|
|
},
|
|
{
|
|
"name": "26354",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/26354"
|
|
},
|
|
{
|
|
"name": "27559",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/27559"
|
|
},
|
|
{
|
|
"name": "27530",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/27530"
|
|
},
|
|
{
|
|
"name": "20071106 [CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://www.securityfocus.com/archive/1/483343/100/0/threaded"
|
|
},
|
|
{
|
|
"name": "DSA-1405",
|
|
"refsource": "DEBIAN",
|
|
"url": "http://www.debian.org/security/2007/dsa-1405"
|
|
},
|
|
{
|
|
"name": "ADV-2007-3754",
|
|
"refsource": "VUPEN",
|
|
"url": "http://www.vupen.com/english/advisories/2007/3754"
|
|
},
|
|
{
|
|
"name": "http://plone.org/about/security/advisories/cve-2007-5741",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://plone.org/about/security/advisories/cve-2007-5741"
|
|
},
|
|
{
|
|
"name": "42072",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/42072"
|
|
}
|
|
]
|
|
}
|
|
} |