plone -- unsafe data interpreted as pickles

2007-11-06T00:00:00
ID FFBA6AB0-90B5-11DC-9835-003048705D5A
Type freebsd
Reporter FreeBSD
Modified 2007-11-06T00:00:00

Description

Plone project reports:

This hotfix corrects a vulnerability in the statusmessages and linkintegrity modules, where unsafe network data was interpreted as python pickles. This allows an attacker to run arbitrary python code within the Zope/Plone process.