Lucene search
UbuntuUSN-317-1HistoryJul 13, 2006 - 12:00 a.m.
zope2.8 vulnerability
2006-07-1300:00:00
ubuntu.com
29
6.5 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.3%
Releases
- Ubuntu 5.10
Details
Zope did not deactivate the ‘raw’ command when exposing
RestructuredText functionalities to untrusted users. A remote user
with the privilege of editing Zope webpages with RestructuredText
could exploit this to expose arbitrary files that can be read with the
privileges of the Zope server.
References
Related
nessus
nessus
Debian DSA-1113-1 : zope2.7 - programming error
2006-10-14 00:00:00
Ubuntu 5.10 : zope2.8 vulnerability (USN-317-1)
2007-11-10 00:00:00
osv
osv
zope2.7 - programming error
2006-07-18 00:00:00
PYSEC-2006-2
2006-07-21 14:03:00
openvas
openvas
FreeBSD Ports: zope
2008-09-04 00:00:00
Debian: Security Advisory (DSA-1113)
2008-01-17 00:00:00
Debian Security Advisory DSA 1113-1 (zope2.7)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1113-1] New zope2.7 packages fix information disclosure
2006-07-18 21:22:08
freebsd
freebsd
zope -- information disclosure vulnerability
2006-07-05 00:00:00
cve
cve
ubuntucve
ubuntucve
debiancve
debiancve
CVE-2006-3695
2006-07-21 14:03:00
github
github
Trac reStructuredText breach of privacy and denial of service vulnerability
2022-05-01 07:11:38
6.5 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.3%
Related for USN-317-1