CVE-2006-3458
CVSS 2.1 - LOW
Description
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
Affected Products
21| Vendor | Product | Version |
|---|---|---|
| zope | zope |
2.7.0
|
| zope | zope |
2.7.1
|
| zope | zope |
2.7.2
|
| zope | zope |
2.7.3
|
| zope | zope |
2.7.4
|
| zope | zope |
2.7.5
|
| zope | zope |
2.7.6
|
| zope | zope |
2.7.7
|
| zope | zope |
2.7.8
|
| zope | zope |
2.8.0
|
| zope | zope |
2.8.1
|
| zope | zope |
2.8.2
|
| zope | zope |
2.8.3
|
| zope | zope |
2.8.4
|
| zope | zope |
2.8.5
|
| zope | zope |
2.8.6
|
| zope | zope |
2.8.7
|
| zope | zope |
2.9.0
|
| zope | zope |
2.9.1
|
| zope | zope |
2.9.2
|
| zope | zope |
2.9.3
|
References
Weakness Types
NVD-CWE-Other
CVE Information
- CVE ID:
CVE-2006-3458- Published:
- 2006-07-07
- Modified:
- 2026-04-16
- CVSS Score:
- 2.1
- Severity:
- LOW
- Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Vendors
zope
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL