CVE-2007-5741 - OpenCVE

Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Plone	Plone

Configuration 1 [-]

OR	cpe:2.3:a:plone:plone:2.5:::::::*
	cpe:2.3:a:plone:plone:2.5.1:::::::*
	cpe:2.3:a:plone:plone:2.5.1_rc:::::::*
	cpe:2.3:a:plone:plone:2.5.4:::::::*
	cpe:2.3:a:plone:plone:2.5_beta1:::::::*
	cpe:2.3:a:plone:plone:3.0:::::::*
	cpe:2.3:a:plone:plone:3.0.1:::::::*
	cpe:2.3:a:plone:plone:3.0.2:::::::*

No data.

References

Link	Providers
http://osvdb.org/42071
http://osvdb.org/42072
http://plone.org/about/security/advisories/cve-2007-5741
http://secunia.com/advisories/27530
http://secunia.com/advisories/27559
http://www.debian.org/security/2007/dsa-1405
http://www.securityfocus.com/archive/1/483343/100/0/threaded
http://www.securityfocus.com/bid/26354
http://www.vupen.com/english/advisories/2007/3754
https://exchange.xforce.ibmcloud.com/vulnerabilities/38288
https://nvd.nist.gov/vuln/detail/CVE-2007-5741
https://www.cve.org/CVERecord?id=CVE-2007-5741

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-11-07T21:00:00

Updated: 2024-08-07T15:39:13.671Z

Reserved: 2007-10-31T00:00:00

Link: CVE-2007-5741

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-11-07T21:46:00.000

Modified: 2018-10-15T21:46:13.893

Link: CVE-2007-5741

Redhat

Severity : Important

Publid Date: 2007-11-06T00:00:00Z

Links: CVE-2007-5741 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-06T00:00:00", "descriptions": [{"lang": "en", "value": "Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "plone-pythoncode-execution(38288)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38288"}, {"name": "42071", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/42071"}, {"name": "26354", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26354"}, {"name": "27559", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27559"}, {"name": "27530", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27530"}, {"name": "20071106 [CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483343/100/0/threaded"}, {"name": "DSA-1405", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1405"}, {"name": "ADV-2007-3754", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3754"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://plone.org/about/security/advisories/cve-2007-5741"}, {"name": "42072", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/42072"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5741", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "plone-pythoncode-execution(38288)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38288"}, {"name": "42071", "refsource": "OSVDB", "url": "http://osvdb.org/42071"}, {"name": "26354", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26354"}, {"name": "27559", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27559"}, {"name": "27530", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27530"}, {"name": "20071106 [CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483343/100/0/threaded"}, {"name": "DSA-1405", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1405"}, {"name": "ADV-2007-3754", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3754"}, {"name": "http://plone.org/about/security/advisories/cve-2007-5741", "refsource": "CONFIRM", "url": "http://plone.org/about/security/advisories/cve-2007-5741"}, {"name": "42072", "refsource": "OSVDB", "url": "http://osvdb.org/42072"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:39:13.671Z"}, "title": "CVE Program Container", "references": [{"name": "plone-pythoncode-execution(38288)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38288"}, {"name": "42071", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/42071"}, {"name": "26354", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26354"}, {"name": "27559", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27559"}, {"name": "27530", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27530"}, {"name": "20071106 [CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483343/100/0/threaded"}, {"name": "DSA-1405", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1405"}, {"name": "ADV-2007-3754", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3754"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://plone.org/about/security/advisories/cve-2007-5741"}, {"name": "42072", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/42072"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5741", "datePublished": "2007-11-07T21:00:00", "dateReserved": "2007-10-31T00:00:00", "dateUpdated": "2024-08-07T15:39:13.671Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "9762C674-380B-4831-BBA1-3B27742121B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3D938645-80CE-4287-830E-A3BD0C5C84FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:2.5.1_rc:*:*:*:*:*:*:*", "matchCriteriaId": "C01E0884-D0A4-4511-AD4B-DBB09CB8080E", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7B60568E-A688-46AF-B627-062A029A7324", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:2.5_beta1:*:*:*:*:*:*:*", "matchCriteriaId": "C577B46C-7692-4B6F-B487-A28F73D403F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B647E76-E8B8-4329-8848-3B90EB262807", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0D0A6B8F-4018-44DC-9862-45309619DC6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0F10374F-2BB3-48D2-B19F-9B2D038A8E35", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes."}, {"lang": "es", "value": "Plone 2.5 hasta 2.5.4 y 3.0 hasta 3.0.2 permite a atacantes remotos ejecutar c\u00f3digo Python de su elecci\u00f3n mediante informaci\u00f3n de red que contiene objetos \"serializados\" (pickled) para los m\u00f3dulos (1) statusmessages o (2) linkintegrity, los cuales son \"deserializados\" (unpickled) y ejecutados."}], "id": "CVE-2007-5741", "lastModified": "2018-10-15T21:46:13.893", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-11-07T21:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/42071"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/42072"}, {"source": "cve@mitre.org", "url": "http://plone.org/about/security/advisories/cve-2007-5741"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/27530"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27559"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2007/dsa-1405"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/483343/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/26354"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/3754"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38288"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect versions of plone included in conga/luci packages as shipped with Red Hat Enterprise Linux 5 or Red Hat Cluster Suite for Red Hat Enterprise Linux 4.", "lastModified": "2007-11-08T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}