CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
89.7%
docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.
Vendor | Product | Version | CPE |
---|---|---|---|
zope | zope | * | cpe:2.3:a:zope:zope:*:*:*:*:*:*:*:* |
zope | zope | 2.6 | cpe:2.3:a:zope:zope:2.6:*:*:*:*:*:*:* |
debian | debian_linux | 3.0 | cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:* |
debian | debian_linux | 3.1 | cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* |
secunia.com/advisories/17173
secunia.com/advisories/17309
secunia.com/advisories/17676
www.debian.org/security/2005/dsa-910
www.gentoo.org/security/en/glsa/glsa-200510-20.xml
www.novell.com/linux/security/advisories/2005_27_sr.html
www.securityfocus.com/bid/15082
www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert
usn.ubuntu.com/229-1/