2.1
CVE-2006-3458
- EPSS 0.42%
- Veröffentlicht 07.07.2006 23:05:00
- Zuletzt bearbeitet 16.06.2026 22:27:05
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.336 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/21459
http://www.novell.com/linux/security/advisories/2006_19_sr.html
http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html
http://secunia.com/advisories/20988
http://secunia.com/advisories/21025
http://secunia.com/advisories/21130
http://www.debian.org/security/2006/dsa-1113
http://www.securityfocus.com/bid/18856
http://www.vupen.com/english/advisories/2006/2681
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/27636
https://usn.ubuntu.com/317-1/