Description
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation.
Remediation
References
Related Vulnerabilities
WordPress Other Vulnerability (CVE-2006-6017)
WordPress Plugin Visitor Traffic Real Time Statistics Security Bypass (2.11)
WordPress Plugin WP Maintenance Mode Remote Code Execution (2.0.6)
Moodle Improper Input Validation Vulnerability (CVE-2012-0801)
Oracle HTTP Server CVE-2007-0280 Vulnerability (CVE-2007-0280)