2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
It was discovered that the Zope web application server allows read access
to arbitrary pages on the server, if a user has the privilege to edit
“restructured text” pages.
For the stable distribution (sarge) this problem has been fixed in
version 2.7.5-2sarge2.
The unstable distribution (sid) does no longer contain Zope 2.7 packages.
We recommend that you upgrade your zope2.7 package.
CPE | Name | Operator | Version |
---|---|---|---|
zope2.7 | eq | 2.7.5-2 | |
zope2.7 | eq | 2.7.5-2sarge1 |