NVD

Id
46616  
Name
CVE-2012-5488  
Description
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2014-09-30  
Modified Date
2014-10-10  
Seq
2012-5488  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
233447 46616 CVE-2012-5488 RHSA-2014:1194  View
233448 46616 CVE-2012-5488 [oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix  View
233449 46616 CVE-2012-5488 https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt  View
233450 46616 CVE-2012-5488 https://plone.org/products/plone-hotfix/releases/20121106  View
233451 46616 CVE-2012-5488 https://plone.org/products/plone/security/advisories/20121106/04  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30579 JVNDB-2012-006287 Plone の python_scripts.py における Python コードを実行される脆弱性 Plone の python_scripts.py には、createObject に関する処理に不備があるため、Python コードを実行される脆弱性が存在します。 CVE-2012-5488 58726 CVE-2012-5488 46616 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-006287.html 2012-11-06 2014-10-02 View