PT-2005-4133 · Zope · Zope
Publicado
2005-10-27
·
Atualizado
2018-10-03
·
CVE-2005-3323
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Zope versions 2.6, 2.7 through 2.7.7, 2.8 through 2.8.1
Description
The issue allows remote attackers to include arbitrary files via
include directives in RestructuredText functionality. This could potentially lead to unauthorized access to sensitive information.Recommendations
For Zope version 2.6, update to a newer version to mitigate the risk.
For Zope versions 2.7 through 2.7.7, update to version 2.7.8 or later.
For Zope versions 2.8 through 2.8.1, update to version 2.8.2 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Zope