High severityNVD Advisory· Published Oct 10, 2011· Updated Jun 16, 2026
CVE-2011-3587
CVE-2011-3587
Description
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
zope2PyPI | >= 2.12.0, < 2.12.20 | 2.12.20 |
zope2PyPI | >= 2.13.0, < 2.13.10 | 2.13.10 |
Affected products
61cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.2a1:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:4.2a2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*+ 45 more
- cpe:2.3:a:zope:zope:2.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.0:a1:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.0:a2:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.0:a3:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.0:a4:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.0:b1:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.0:b2:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.0:b3:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.0:b4:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.10:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.11:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.12:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.13:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.14:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.15:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.16:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.17:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.18:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.19:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.20:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.4:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.5:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.6:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.7:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.8:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.12.9:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.0:a1:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.0:a2:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.0:a3:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.0:a4:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.0:b1:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.0:c1:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.10:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.2:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.3:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.4:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.5:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.6:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.7:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.8:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.13.9:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
14- plone.org/products/plone-hotfix/releases/20110928nvdPatchWEB
- plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zipnvdPatchWEB
- plone.org/products/plone/security/advisories/20110928nvdPatchVendor AdvisoryWEB
- pypi.python.org/pypi/Products.PloneHotfix20110928/1.0nvdPatchWEB
- zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587nvdPatchWEB
- bugzilla.redhat.com/show_bug.cginvdPatchWEB
- secunia.com/advisories/46221nvdVendor Advisory
- github.com/advisories/GHSA-8w48-m6hx-rjw2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2011-3587ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/products-plonehotfix20110928/PYSEC-2011-26.yamlghsaWEB
- github.com/zopefoundation/Zope/commit/491a583d8c6622b80c75917e5017c4bb4b15e477ghsaWEB
- github.com/zopefoundation/Zope/commit/6bb2fb3c04a76b00bec9bd7c069733e06fa6ebe9ghsaWEB
- web.archive.org/web/20111013043934/http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587ghsaWEB
- secunia.com/advisories/46323nvd
News mentions
0No linked articles in our index yet.