The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:16
Type | Values Removed | Values Added |
---|---|---|
References | () http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html - | |
References | () http://secunia.com/advisories/21947 - Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/21953 - Patch, Vendor Advisory | |
References | () http://www.debian.org/security/2006/dsa-1176 - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/20022 - | |
References | () http://www.vupen.com/english/advisories/2006/3653 - | |
References | () http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt - Patch |
Information
Published : 2006-09-19 18:07
Updated : 2024-11-21 00:16
NVD link : CVE-2006-4684
Mitre link : CVE-2006-4684
CVE.ORG link : CVE-2006-4684
JSON object : View
Products Affected
zope
- zope
CWE