Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2007-5741

Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.

  • Published: Nov 7, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-5741
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
plone / plone 2.5_beta1 2.5_beta1.x
plone / plone 3.0.1 3.0.1.x
plone / plone 3.0 3.0.x
plone / plone 2.5.4 2.5.4.x
plone / plone 2.5.1 2.5.1.x
plone / plone 2.5 2.5.x
plone / plone 2.5.1_rc 2.5.1_rc.x
plone / plone 3.0.2 3.0.2.x