2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the “raw” command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
mail.zope.org/pipermail/zope-announce/2006-July/001984.html
secunia.com/advisories/20988
secunia.com/advisories/21025
secunia.com/advisories/21130
secunia.com/advisories/21459
www.debian.org/security/2006/dsa-1113
www.novell.com/linux/security/advisories/2006_19_sr.html
www.securityfocus.com/bid/18856
www.vupen.com/english/advisories/2006/2681
www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt
exchange.xforce.ibmcloud.com/vulnerabilities/27636
usn.ubuntu.com/317-1/