Description

Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.

Remediation

References

CVE-2002-0170

Related Vulnerabilities

WordPress Plugin Flog Cross-Site Scripting (0.1)

OpenSSL Cryptographic Issues Vulnerability (CVE-2009-3555)

WordPress Plugin Newspack Blocks Arbitrary File Upload (3.0.8)

WordPress Plugin HashThemes Demo Importer Security Bypass (1.1.1)

Zope Web Application Server Other Vulnerability (CVE-2012-5486)

Severity

High

Classification

CVE-2002-0170

Tags

Missing Update Known Vulnerabilities