Description

Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.

Remediation

References

CVE-2006-3458

Related Vulnerabilities

MySQL Other Vulnerability (CVE-2006-4031)

MySQL CVE-2021-2016 Vulnerability (CVE-2021-2016)

WordPress Plugin Site Editor-WordPress Site Builder-Theme Builder and Page Builder Local File Inclusion (1.1.1)

WordPress Plugin Backup and Restore WordPress-WPBackItUp Cross-Site Request Forgery (1.6.7)

Squid Improper Input Validation Vulnerability (CVE-2013-1839)

Severity

Low

Classification

CVE-2006-3458

Tags

Missing Update Known Vulnerabilities