CVE-2005-3323

2005-10-2710:02:00

mitre

web.nvd.nist.gov

cve-2005-3323

docutils

zope

arbitrary file inclusion

remote attack

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

Low

EPSS

0.023

Percentile

89.7%

JSON

docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.

Affected configurations

Nvd

Node

zopezopeRange2.7.0–2.7.8

zopezopeRange2.8.0–2.8.2

zopezopeMatch2.6

Node

debiandebian_linuxMatch3.0

debiandebian_linuxMatch3.1

VendorProductVersionCPE
zopezope*cpe:2.3:a:zope:zope:*:*:*:*:*:*:*:*
zopezope2.6cpe:2.3:a:zope:zope:2.6:*:*:*:*:*:*:*
debiandebian_linux3.0cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
debiandebian_linux3.1cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zope	zope	*	cpe:2.3:a:zope:zope::::::::
zope	zope	2.6	cpe:2.3:a:zope:zope:2.6:::::::*
debian	debian_linux	3.0	cpe:2.3:o:debian:debian_linux:3.0:::::::*
debian	debian_linux	3.1	cpe:2.3:o:debian:debian_linux:3.1:::::::*