2.1

CVE-2006-3458

EPSS 0.07%
Veröffentlicht 07.07.2006 23:05:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

NVD 21 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Zope ≫ Zope Version2.7.0

Zope ≫ Zope Version2.7.1

Zope ≫ Zope Version2.7.2

Zope ≫ Zope Version2.7.3

Zope ≫ Zope Version2.7.4

Zope ≫ Zope Version2.7.5

Zope ≫ Zope Version2.7.6

Zope ≫ Zope Version2.7.7

Zope ≫ Zope Version2.7.8

Zope ≫ Zope Version2.8.0

Zope ≫ Zope Version2.8.1

Zope ≫ Zope Version2.8.2

Zope ≫ Zope Version2.8.3

Zope ≫ Zope Version2.8.4

Zope ≫ Zope Version2.8.5

Zope ≫ Zope Version2.8.6

Zope ≫ Zope Version2.8.7

Zope ≫ Zope Version2.9.0

Zope ≫ Zope Version2.9.1

Zope ≫ Zope Version2.9.2

Zope ≫ Zope Version2.9.3

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.221

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/21459

Vendor Advisory

http://www.novell.com/linux/security/advisories/2006_19_sr.html

http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html

http://secunia.com/advisories/20988

Vendor Advisory

http://secunia.com/advisories/21025

Vendor Advisory

http://secunia.com/advisories/21130

Vendor Advisory

http://www.debian.org/security/2006/dsa-1113

http://www.securityfocus.com/bid/18856

http://www.vupen.com/english/advisories/2006/2681

Vendor Advisory

http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt

https://exchange.xforce.ibmcloud.com/vulnerabilities/27636

https://usn.ubuntu.com/317-1/

https://nvd.nist.gov/vuln/detail/CVE-2006-3458

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3458

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3458

EUVD