Description

ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.

Remediation

References

CVE-2002-0688

Related Vulnerabilities

Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11815)

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-10705)

Oracle Database Server CVE-2006-0258 Vulnerability (CVE-2006-0258)

MySQL CVE-2020-2904 Vulnerability (CVE-2020-2904)

MySQL CVE-2018-3278 Vulnerability (CVE-2018-3278)

Severity

High

Classification

CVE-2002-0688

Tags

Missing Update Known Vulnerabilities