CVE Vulnerabilities

CVE-2012-5501

Published: Sep 30, 2014 | Modified: Oct 01, 2014
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 5 MEDIUM (AV:N/AC:L/Au:N/C:P/I:N/A:N)
RedHat/V2: 6.4 MODERATE (AV:N/AC:L/Au:N/C:P/I:N/A:P)
RedHat/V3
Ubuntu

at_download.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read arbitrary BLOBs (Files and Images) stored on custom content types via a crafted URL.

Affected Software

Name   Vendor  Start Version         End Version
Plone  Plone   *                     4.2.2 (including)
Plone  Plone   1.0 (including)       1.0 (including)
Plone  Plone   1.0.1 (including)     1.0.1 (including)
Plone  Plone   1.0.2 (including)     1.0.2 (including)
Plone  Plone   1.0.3 (including)     1.0.3 (including)
Plone  Plone   1.0.4 (including)     1.0.4 (including)
Plone  Plone   1.0.5 (including)     1.0.5 (including)
Plone  Plone   1.0.6 (including)     1.0.6 (including)
Plone  Plone   2.0 (including)       2.0 (including)
Plone  Plone   2.0.1 (including)     2.0.1 (including)
Plone  Plone   2.0.2 (including)     2.0.2 (including)
Plone  Plone   2.0.3 (including)     2.0.3 (including)
Plone  Plone   2.0.4 (including)     2.0.4 (including)
Plone  Plone   2.0.5 (including)     2.0.5 (including)
Plone  Plone   2.1 (including)       2.1 (including)
Plone  Plone   2.1.1 (including)     2.1.1 (including)
Plone  Plone   2.1.2 (including)     2.1.2 (including)
Plone  Plone   2.1.3 (including)     2.1.3 (including)
Plone  Plone   2.1.4 (including)     2.1.4 (including)
Plone  Plone   2.5 (including)       2.5 (including)
Plone  Plone   2.5.1 (including)     2.5.1 (including)
Plone  Plone   2.5.2 (including)     2.5.2 (including)
Plone  Plone   2.5.3 (including)     2.5.3 (including)
Plone  Plone   2.5.4 (including)     2.5.4 (including)
Plone  Plone   2.5.5 (including)     2.5.5 (including)
Plone  Plone   3.0 (including)       3.0 (including)
Plone  Plone   3.0.1 (including)     3.0.1 (including)
Plone  Plone   3.0.2 (including)     3.0.2 (including)
Plone  Plone   3.0.3 (including)     3.0.3 (including)
Plone  Plone   3.0.4 (including)     3.0.4 (including)
Plone  Plone   3.0.5 (including)     3.0.5 (including)
Plone  Plone   3.0.6 (including)     3.0.6 (including)
Plone  Plone   3.1 (including)       3.1 (including)
Plone  Plone   3.1.1 (including)     3.1.1 (including)
Plone  Plone   3.1.2 (including)     3.1.2 (including)
Plone  Plone   3.1.3 (including)     3.1.3 (including)
Plone  Plone   3.1.4 (including)     3.1.4 (including)
Plone  Plone   3.1.5.1 (including)   3.1.5.1 (including)
Plone  Plone   3.1.6 (including)     3.1.6 (including)
Plone  Plone   3.1.7 (including)     3.1.7 (including)
Plone  Plone   3.2 (including)       3.2 (including)
Plone  Plone   3.2.1 (including)     3.2.1 (including)
Plone  Plone   3.2.2 (including)     3.2.2 (including)
Plone  Plone   3.2.3 (including)     3.2.3 (including)
Plone  Plone   3.3 (including)       3.3 (including)
Plone  Plone   3.3.1 (including)     3.3.1 (including)
Plone  Plone   3.3.2 (including)     3.3.2 (including)
Plone  Plone   3.3.3 (including)     3.3.3 (including)
Plone  Plone   3.3.4 (including)     3.3.4 (including)
Plone  Plone   3.3.5 (including)     3.3.5 (including)
Plone  Plone   4.0 (including)       4.0 (including)
Plone  Plone   4.0.1 (including)     4.0.1 (including)
Plone  Plone   4.0.2 (including)     4.0.2 (including)
Plone  Plone   4.0.3 (including)     4.0.3 (including)
Plone  Plone   4.0.4 (including)     4.0.4 (including)
Plone  Plone   4.0.5 (including)     4.0.5 (including)
Plone  Plone   4.0.6.1 (including)   4.0.6.1 (including)
Plone  Plone   4.1 (including)       4.1 (including)
Plone  Plone   4.1.4 (including)     4.1.4 (including)
Plone  Plone   4.1.5 (including)     4.1.5 (including)
Plone  Plone   4.1.6 (including)     4.1.6 (including)
Plone  Plone   4.2 (including)       4.2 (including)
Plone  Plone   4.2-a1 (including)    4.2-a1 (including)
Plone  Plone   4.2-a2 (including)    4.2-a2 (including)
Plone  Plone   4.2-b1 (including)    4.2-b1 (including)
Plone  Plone   4.2-b2 (including)    4.2-b2 (including)
Plone  Plone   4.2-rc1 (including)   4.2-rc1 (including)
Plone  Plone   4.2-rc2 (including)   4.2-rc2 (including)
Plone  Plone   4.2.0.1 (including)   4.2.0.1 (including)
Plone  Plone   4.2.1 (including)     4.2.1 (including)
Plone  Plone   4.2.1.1 (including)   4.2.1.1 (including)
Plone  Plone   4.3 (including)       4.3 (including)

References