Vulnerability Details CVE-2005-3323
docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 84.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/17173
- http://secunia.com/advisories/17309
- http://secunia.com/advisories/17676
- http://www.debian.org/security/2005/dsa-910
- http://www.gentoo.org/security/en/glsa/glsa-200510-20.xml
- http://www.novell.com/linux/security/advisories/2005_27_sr.html
- http://www.securityfocus.com/bid/15082
- http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert
- https://usn.ubuntu.com/229-1/
- http://secunia.com/advisories/17173
- http://secunia.com/advisories/17309
- http://secunia.com/advisories/17676
- http://www.debian.org/security/2005/dsa-910
- http://www.gentoo.org/security/en/glsa/glsa-200510-20.xml
- http://www.novell.com/linux/security/advisories/2005_27_sr.html
- http://www.securityfocus.com/bid/15082
- http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert
- https://usn.ubuntu.com/229-1/
Products affected by CVE-2005-3323
-
cpe:2.3:a:zope:zope:2.6
-
cpe:2.3:a:zope:zope:2.7.0
-
cpe:2.3:a:zope:zope:2.7.1
-
cpe:2.3:a:zope:zope:2.7.2
-
cpe:2.3:a:zope:zope:2.7.3
-
cpe:2.3:a:zope:zope:2.7.4
-
cpe:2.3:a:zope:zope:2.7.5
-
cpe:2.3:a:zope:zope:2.7.6
-
cpe:2.3:a:zope:zope:2.7.7
-
cpe:2.3:a:zope:zope:2.8.0
-
cpe:2.3:a:zope:zope:2.8.1
-
cpe:2.3:o:debian:debian_linux:3.0
-
cpe:2.3:o:debian:debian_linux:3.1