7.5

CVE-2000-1211

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ZopeZope Version2.2.0
ZopeZope Version2.2.0a1
ZopeZope Version2.2.0b1
ZopeZope Version2.2.0b2
ZopeZope Version2.2.0b3
ZopeZope Version2.2.0b4
ZopeZope Version2.2.1
ZopeZope Version2.2.1b1
ZopeZope Version2.2.2
ZopeZope Version2.2.3
ZopeZope Version2.2.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.43% 0.695
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.iss.net/security_center/static/5824.php
http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-083.php3
Patch
Vendor Advisory
http://www.osvdb.org/6282
http://www.redhat.com/support/errata/RHSA-2000-125.html
http://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert
Patch
Vendor Advisory