CVE-2013-4196
https://notcve.org/view.php?id=CVE-2013-4196
The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request. La implementación object manager (objectmanager.py) en Plone 2.1 hasta 4.1, 4.2.x hasta 4.2.5 y 4.3.x hasta 4.3.1 no restringe debidamente acceso a los métodos internos, lo que permite a atacantes remotos obtener información sensible a través de una solicitud manipulada. • http://plone.org/products/plone-hotfix/releases/20130618 http://plone.org/products/plone/security/advisories/20130618-announcement http://seclists.org/oss-sec/2013/q3/261 https://bugzilla.redhat.com/show_bug.cgi?id=978475 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-4188
https://notcve.org/view.php?id=CVE-2013-4188
traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers with administrator privileges to cause a denial of service (infinite loop and resource consumption) via unspecified vectors related to "retrieving information for certain resources." traverser.py en Plone 2.1 hasta 4.1, 4.2.x hasta 4.2.5 y 4.3.x hasta 4.3.1 permite a atacantes remotos con privilegios de administrador causar una denegación de servicio (bucle infinito y consumo de recursos) a través de vectores no especificados relacionados con "la recuperación de información para ciertos recursos." • http://plone.org/products/plone-hotfix/releases/20130618 http://plone.org/products/plone/security/advisories/20130618-announcement http://seclists.org/oss-sec/2013/q3/261 https://bugzilla.redhat.com/show_bug.cgi?id=978449 • CWE-399: Resource Management Errors •
CVE-2013-4200 – Plone - 'in_portal.py' < 4.1.3 Session Hijacking
https://notcve.org/view.php?id=CVE-2013-4200
The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login. El método isURLInPortal en la clase URLTool en in_portal.py en Plone 2.1 a 4.1, 4.2.x hasta 4.2.5 y 4.3.x hasta 4.3.1, trata las URLs que comienzan con un espacio como URLs relativas, lo cual permite a atacantes sortear la propiedad de filtrado allow_external_login_sites, redirigiendo a usuarios a sitios web arbitrarios, y efectuando ataques de phishing a través de un espacio antes de la URL en el parámetro "next" en acl_users/credentials_cookie_auth/require_login. Plone CMS suffers from a URL redirection credential disclosure vulnerability. • https://www.exploit-db.com/exploits/38738 http://plone.org/products/plone-hotfix/releases/20130618 http://plone.org/products/plone/security/advisories/20130618-announcement http://www.openwall.com/lists/oss-security/2013/08/01/2 http://www.securityfocus.com/archive/1/530787/100/0/threaded https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-3587 – Plone and Zope - Remote Command Execution
https://notcve.org/view.php?id=CVE-2011-3587
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules. Vulnerabilidad no especificada en Zope v2.12.x y v2.13.x, tal como se usa en Plone v4.0.x hasta v4.0.9., v4.1, y v4.2 hasta v4.2a2, permite a atacantes remotos ejecutar comandos de su elección a través de vectores relacionados con el p_ class en OFS/misc_.py y el uso de módulos Python. • https://www.exploit-db.com/exploits/18262 http://plone.org/products/plone-hotfix/releases/20110928 http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip http://plone.org/products/plone/security/advisories/20110928 http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0 http://secunia.com/advisories/46221 http://secunia.com/advisories/46323 http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587 https://bugzilla.redhat.com/show_bug.cgi? •
CVE-2011-4030
https://notcve.org/view.php?id=CVE-2011-4030
The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587. El componente CMFEditions v2.x en Plone v4.0.x hasta v4.0.9, v4.1, y v4.2 hasta v4.2a2 no previene clases KwAsAttributes publicables, lo que permite a atacantes remotos acceder a sub-objetos a través de vectores no especificados, una vulnerabilidad diferente que CVE-2011-3587. • http://plone.org/products/plone-hotfix/releases/20110928 http://plone.org/products/plone-hotfix/releases/20110928/PloneHotfix20110928-1.0.zip http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0 http://secunia.com/advisories/46323 http://www.securityfocus.com/bid/50287 • CWE-264: Permissions, Privileges, and Access Controls •