CVE-2011-0720

Description

Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.

Affected products

plone / plone2.5 – 2.5
plone / plone2.5.1 – 2.5.1
plone / plone2.5.2 – 2.5.2
plone / plone2.5.3 – 2.5.3
plone / plone2.5.4 – 2.5.4
plone / plone2.5.5 – 2.5.5
plone / plone3.0 – 3.0
plone / plone3.0.1 – 3.0.1
plone / plone3.0.2 – 3.0.2
plone / plone3.0.3 – 3.0.3
plone / plone3.0.4 – 3.0.4
plone / plone3.0.5 – 3.0.5
plone / plone3.0.6 – 3.0.6
plone / plone3.1 – 3.1
plone / plone3.1.1 – 3.1.1
plone / plone3.1.2 – 3.1.2
plone / plone3.1.3 – 3.1.3
plone / plone3.1.4 – 3.1.4
plone / plone3.1.5.1 – 3.1.5.1
plone / plone3.1.6 – 3.1.6
plone / plone3.1.7 – 3.1.7
plone / plone3.2 – 3.2
plone / plone3.2.1 – 3.2.1
plone / plone3.2.2 – 3.2.2
plone / plone3.2.3 – 3.2.3
plone / plone3.3 – 3.3
plone / plone3.3.1 – 3.3.1
plone / plone3.3.2 – 3.3.2
plone / plone3.3.3 – 3.3.3
plone / plone3.3.4 – 3.3.4
plone / plone3.3.5 – 3.3.5
plone / plone4.0 – 4.0
RedHat / conga
RedHat / luci

References

MISChttp://osvdb.org/70753
VENDOR_ADVISORYhttp://plone.org/products/plone/security/advisories/cve-2011-0720
MISChttp://www.securityfocus.com/bid/46102
VENDOR_ADVISORYhttp://secunia.com/advisories/43146
MISChttp://www.redhat.com/support/errata/RHSA-2011-0393.html
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/65099
VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2011/0796
VENDOR_ADVISORYhttp://secunia.com/advisories/43914
MISChttp://www.securitytracker.com/id?1025258
MISChttp://www.redhat.com/support/errata/RHSA-2011-0394.html