Description

The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.

Remediation

References

CVE-2006-4684

Related Vulnerabilities

Axway Secure Transport Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-14277)

WordPress Plugin Breadcrumb NavXT Information Disclosure (6.1.0)

OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2014-0224)

WordPress Plugin Tweet Wheel Multiple Cross-Site Scripting Vulnerabilities (1.0.3.2)

WordPress Plugin WooCommerce Checkout Manager Cross-Site Request Forgery (4.3)

Severity

Medium

Classification

CVE-2006-4684

Tags

Missing Update Known Vulnerabilities