First published: Thu Feb 03 2011(Updated: )
Common Vulnerabilities and Exposures assigned an identifier <a href="https://access.redhat.com/security/cve/CVE-2011-0720">CVE-2011-0720</a> to the following vulnerability: Name: <a href="https://access.redhat.com/security/cve/CVE-2011-0720">CVE-2011-0720</a> URL: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720</a> Assigned: 20110131 Reference: <a href="http://plone.org/products/plone/security/advisories/cve-2011-0720">http://plone.org/products/plone/security/advisories/cve-2011-0720</a> Reference: <a href="http://www.securityfocus.com/bid/46102">http://www.securityfocus.com/bid/46102</a> Reference: <a href="http://secunia.com/advisories/43146">http://secunia.com/advisories/43146</a> Reference: <a href="http://xforce.iss.net/xforce/xfdb/65099">http://xforce.iss.net/xforce/xfdb/65099</a> Unspecified vulnerability in Plone 2.5 through 4.0 allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors. The hotfix for this issue is available here: <a href="http://plone.org/products/plone-hotfix/releases/CVE-2011-0720/">http://plone.org/products/plone-hotfix/releases/CVE-2011-0720/</a> Some Plone components are included in conga, so this flaw may have some impact there.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/conga | <0:0.11.2-4.el4.2 | 0:0.11.2-4.el4.2 |
redhat/conga | <0:0.12.2-24.el5_6.1 | 0:0.12.2-24.el5_6.1 |
Plone Plone | =2.5 | |
Plone Plone | =2.5.1 | |
Plone Plone | =2.5.2 | |
Plone Plone | =2.5.3 | |
Plone Plone | =2.5.4 | |
Plone Plone | =2.5.5 | |
Plone Plone | =3.0 | |
Plone Plone | =3.0.1 | |
Plone Plone | =3.0.2 | |
Plone Plone | =3.0.3 | |
Plone Plone | =3.0.4 | |
Plone Plone | =3.0.5 | |
Plone Plone | =3.0.6 | |
Plone Plone | =3.1 | |
Plone Plone | =3.1.1 | |
Plone Plone | =3.1.2 | |
Plone Plone | =3.1.3 | |
Plone Plone | =3.1.4 | |
Plone Plone | =3.1.5.1 | |
Plone Plone | =3.1.6 | |
Plone Plone | =3.1.7 | |
Plone Plone | =3.2 | |
Plone Plone | =3.2.1 | |
Plone Plone | =3.2.2 | |
Plone Plone | =3.2.3 | |
Plone Plone | =3.3 | |
Plone Plone | =3.3.1 | |
Plone Plone | =3.3.2 | |
Plone Plone | =3.3.3 | |
Plone Plone | =3.3.4 | |
Plone Plone | =3.3.5 | |
Plone Plone | =4.0 | |
Redhat Conga | ||
Redhat Luci | ||
pip/Plone | >=2.5<4.0.4 | 4.0.4 |
All of | ||
Any of | ||
Plone Plone | =2.5 | |
Plone Plone | =2.5.1 | |
Plone Plone | =2.5.2 | |
Plone Plone | =2.5.3 | |
Plone Plone | =2.5.4 | |
Plone Plone | =2.5.5 | |
Plone Plone | =3.0 | |
Plone Plone | =3.0.1 | |
Plone Plone | =3.0.2 | |
Plone Plone | =3.0.3 | |
Plone Plone | =3.0.4 | |
Plone Plone | =3.0.5 | |
Plone Plone | =3.0.6 | |
Plone Plone | =3.1 | |
Plone Plone | =3.1.1 | |
Plone Plone | =3.1.2 | |
Plone Plone | =3.1.3 | |
Plone Plone | =3.1.4 | |
Plone Plone | =3.1.5.1 | |
Plone Plone | =3.1.6 | |
Plone Plone | =3.1.7 | |
Plone Plone | =3.2 | |
Plone Plone | =3.2.1 | |
Plone Plone | =3.2.2 | |
Plone Plone | =3.2.3 | |
Plone Plone | =3.3 | |
Plone Plone | =3.3.1 | |
Plone Plone | =3.3.2 | |
Plone Plone | =3.3.3 | |
Plone Plone | =3.3.4 | |
Plone Plone | =3.3.5 | |
Plone Plone | =4.0 | |
Any of | ||
Redhat Conga | ||
Redhat Luci |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.