Description

gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.

Remediation

References

CVE-2012-5493

Related Vulnerabilities

WordPress Plugin Backup Migration Arbitrary File Download (1.3.6)

PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0754)

Zope Web Application Server Other Vulnerability (CVE-2000-1212)

WordPress Plugin Super Forms-Drag & Drop Form Builder Arbitrary File Upload (4.9.700)

WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.14)

Severity

High

Classification

CVE-2012-5493 CWE-94

Tags

Missing Update Known Vulnerabilities