5

CVE-2006-4684

The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ZopeZope Version2.7.0
ZopeZope Version2.7.1
ZopeZope Version2.7.2
ZopeZope Version2.7.3
ZopeZope Version2.7.4
ZopeZope Version2.7.5
ZopeZope Version2.7.6
ZopeZope Version2.7.7
ZopeZope Version2.7.8
ZopeZope Version2.7.9
ZopeZope Version2.8.0
ZopeZope Version2.8.1
ZopeZope Version2.8.2
ZopeZope Version2.8.3
ZopeZope Version2.8.4
ZopeZope Version2.8.5
ZopeZope Version2.8.6
ZopeZope Version2.8.7
ZopeZope Version2.8.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.38% 0.817
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html
http://secunia.com/advisories/21947
Patch
Vendor Advisory
http://secunia.com/advisories/21953
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1176
Patch
Vendor Advisory
http://www.securityfocus.com/bid/20022
http://www.vupen.com/english/advisories/2006/3653
http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt
Patch