CVE-2012-5493

gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.

Published: Sep 30, 2014
Updated: Apr 13, 2023
CVE: CVE-2012-5493
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 8.5
AV:N/AC:M/Au:S/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
plone / plone	3.3	3.3.x
plone / plone	1.0	1.0.x
plone / plone	4.2-a1	4.2-a1.x
plone / plone	4.0.5	4.0.5.x
plone / plone	3.0.1	3.0.1.x
plone / plone	1.0.3	1.0.3.x
plone / plone	3.0	3.0.x
plone / plone	3.2.3	3.2.3.x
plone / plone	3.1.4	3.1.4.x
plone / plone	3.1.5.1	3.1.5.1.x
plone / plone	4.2-b2	4.2-b2.x
plone / plone	4.2.0.1	4.2.0.1.x
plone / plone	2.1.4	2.1.4.x
plone / plone	4.0.2	4.0.2.x
plone / plone	4.2.1.1	4.2.1.1.x
plone / plone	3.3.5	3.3.5.x
plone / plone	3.0.6	3.0.6.x
plone / plone	2.5.4	2.5.4.x
plone / plone	3.2	3.2.x
plone / plone	3.1.1	3.1.1.x
plone / plone	4.3	4.3.x
plone / plone	2.1.1	2.1.1.x
plone / plone	3.3.4	3.3.4.x
plone / plone	2.0.3	2.0.3.x
plone / plone	1.0.4	1.0.4.x
plone / plone	4.2-b1	4.2-b1.x
plone / plone	3.3.2	3.3.2.x
plone / plone	4.2-rc2	4.2-rc2.x
plone / plone	2.0	2.0.x
plone / plone	4.1.6	4.1.6.x
plone / plone	4.0.4	4.0.4.x
plone / plone	3.1.7	3.1.7.x
plone / plone	2.5.1	2.5.1.x
plone / plone	4.1	4.1.x
plone / plone	2.5.3	2.5.3.x
plone / plone	3.2.2	3.2.2.x
plone / plone	2.0.4	2.0.4.x
plone / plone	2.1.2	2.1.2.x
plone / plone	1.0.1	1.0.1.x
plone / plone	3.0.3	3.0.3.x
plone / plone	3.3.1	3.3.1.x
plone / plone	4.2-a2	4.2-a2.x
plone / plone	3.0.4	3.0.4.x
plone / plone	4.1.4	4.1.4.x
plone / plone	2.0.1	2.0.1.x
plone / plone	2.0.2	2.0.2.x
plone / plone	3.1.2	3.1.2.x
plone / plone	3.2.1	3.2.1.x
plone / plone	4.0	4.0.x
plone / plone	1.0.2	1.0.2.x
plone / plone	2.0.5	2.0.5.x
plone / plone	4.1.5	4.1.5.x
plone / plone	3.0.5	3.0.5.x
plone / plone	4.0.6.1	4.0.6.1.x
plone / plone	2.5	2.5.x
plone / plone	1.0.6	1.0.6.x
plone / plone	4.2-rc1	4.2-rc1.x
plone / plone	2.5.2	2.5.2.x
plone / plone	4.0.1	4.0.1.x
plone / plone	3.0.2	3.0.2.x
plone / plone	2.1	2.1.x
plone / plone	3.1	3.1.x
plone / plone	-	4.2.2.x
plone / plone	3.3.3	3.3.3.x
plone / plone	2.1.3	2.1.3.x
plone / plone	3.1.6	3.1.6.x
plone / plone	3.1.3	3.1.3.x
plone / plone	4.0.3	4.0.3.x
plone / plone	1.0.5	1.0.5.x
plone / plone	2.5.5	2.5.5.x
plone / plone	4.2	4.2.x
plone / plone	4.2.1	4.2.1.x

Vulnerability Database

289,782

CVE-2012-5493