CVE-2006-4684 - Vulnerability Details

Vendors	Products
Zope	Zope

Link	Providers
http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html
http://secunia.com/advisories/21947
http://secunia.com/advisories/21953
http://www.debian.org/security/2006/dsa-1176
http://www.securityfocus.com/bid/20022
http://www.vupen.com/english/advisories/2006/3653
http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-08-21T00:00:00", "descriptions": [{"lang": "en", "value": "The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-12-11T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[Zope-Annce] 20060821 Hotfix for Further reST Integration Issue", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html"}, {"name": "ADV-2006-3653", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3653"}, {"name": "21953", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21953"}, {"name": "20022", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20022"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt"}, {"name": "DSA-1176", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2006/dsa-1176"}, {"name": "21947", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21947"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4684", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[Zope-Annce] 20060821 Hotfix for Further reST Integration Issue", "refsource": "MLIST", "url": "http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html"}, {"name": "ADV-2006-3653", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3653"}, {"name": "21953", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21953"}, {"name": "20022", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20022"}, {"name": "http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt", "refsource": "CONFIRM", "url": "http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt"}, {"name": "DSA-1176", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1176"}, {"name": "21947", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21947"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:23:41.180Z"}, "title": "CVE Program Container", "references": [{"name": "[Zope-Annce] 20060821 Hotfix for Further reST Integration Issue", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html"}, {"name": "ADV-2006-3653", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3653"}, {"name": "21953", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21953"}, {"name": "20022", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20022"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt"}, {"name": "DSA-1176", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2006/dsa-1176"}, {"name": "21947", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21947"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4684", "datePublished": "2006-09-19T18:00:00", "dateReserved": "2006-09-11T00:00:00", "dateUpdated": "2024-08-07T19:23:41.180Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2006-08-21T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2006-12-11T10:00:00 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : [Zope-Annce] 20060821 Hotfix for Further reST Integration Issue (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html (string)

}

1 : { »

name : ADV-2006-3653 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2006/3653 (string)

}

2 : { »

name : 21953 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/21953 (string)

}

3 : { »

name : 20022 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/20022 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt (string)

}

5 : { »

name : DSA-1176 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

]

url : http://www.debian.org/security/2006/dsa-1176 (string)

}

6 : { »

name : 21947 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/21947 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2006-4684 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : [Zope-Annce] 20060821 Hotfix for Further reST Integration Issue (string)

refsource : MLIST (string)

url : http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html (string)

}

1 : { »

name : ADV-2006-3653 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2006/3653 (string)

}

2 : { »

name : 21953 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/21953 (string)

}

3 : { »

name : 20022 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/20022 (string)

}

4 : { »

name : http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt (string)

refsource : CONFIRM (string)

url : http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt (string)

}

5 : { »

name : DSA-1176 (string)

refsource : DEBIAN (string)

url : http://www.debian.org/security/2006/dsa-1176 (string)

}

6 : { »

name : 21947 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/21947 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T19:23:41.180Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : [Zope-Annce] 20060821 Hotfix for Further reST Integration Issue (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html (string)

}

1 : { »

name : ADV-2006-3653 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2006/3653 (string)

}

2 : { »

name : 21953 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/21953 (string)

}

3 : { »

name : 20022 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/20022 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt (string)

}

5 : { »

name : DSA-1176 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

2 : x_transferred (string)

]

url : http://www.debian.org/security/2006/dsa-1176 (string)

}

6 : { »

name : 21947 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/21947 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2006-4684 (string)

datePublished : 2006-09-19T18:00:00 (string)

dateReserved : 2006-09-11T00:00:00 (string)

dateUpdated : 2024-08-07T19:23:41.180Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zope:zope:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E296CD1C-2601-4A63-9E9D-38A39C84BF5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "9FF9B22D-6EF3-4364-A016-041457C4DFC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "88153606-52FE-4C0B-88CD-B76538C19055", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "EAA38381-4C32-4C55-8116-341028D1888A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "1B294E38-65FD-474D-BABC-9447EF33202A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "685805FD-1A33-480E-A313-255EDF0B5266", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "D827148D-4A8A-41DB-91B6-0049706D53D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "0273EF1B-BC64-432F-8966-68547DFAD6BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "5A52CDCE-172C-4FAC-9015-ACF362E8E8A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "84DFC911-D226-4F8C-840A-D5F6EBBBF0CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "234C776B-C053-484C-ADE4-ED270064943F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "244107E5-42B0-4695-BBC9-5B90AD0A1336", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "93785E75-3F82-471E-B802-6337A6469AF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "B34066B4-CE72-4271-9CFD-F725F7D17C89", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "9A40B0D1-1812-4BC7-AC7D-CCE6184A9DB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "81028DBB-7A75-4D27-8027-947F15CAA21E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "62BCE60F-9081-44D3-87FC-396D1A954626", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "DBA09D22-779C-4E63-B216-B931FA11E014", "vulnerable": true}, {"criteria": "cpe:2.3:a:zope:zope:2.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "B2759CCE-3A1F-4E3F-9832-8BF3AA4F20F9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458."}, {"lang": "es", "value": "El m\u00f3dulo docutils en Zope (Zope2) desde 2.7.0 hasta 2.7.9 y desde 2.8.0 hasta 2.8.8 no maneja adecuadamente p\u00e1ginas web con el marcado reStructuredText (reST), lo cual permite a atacantes remotos leer ficheros de su elecci\u00f3n v\u00eda una directiva csv_table, una vulnerabilidad diferente que CVE-2006-3458."}], "id": "CVE-2006-4684", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-09-19T18:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/21947"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/21953"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2006/dsa-1176"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/20022"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3653"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/21947"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/21953"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2006/dsa-1176"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/20022"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3653"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:zope:zope:2.7.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E296CD1C-2601-4A63-9E9D-38A39C84BF5D (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:zope:zope:2.7.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 9FF9B22D-6EF3-4364-A016-041457C4DFC0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:zope:zope:2.7.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 88153606-52FE-4C0B-88CD-B76538C19055 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:zope:zope:2.7.3:*:*:*:*:*:*:* (string)

matchCriteriaId : EAA38381-4C32-4C55-8116-341028D1888A (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:zope:zope:2.7.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 1B294E38-65FD-474D-BABC-9447EF33202A (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:zope:zope:2.7.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 685805FD-1A33-480E-A313-255EDF0B5266 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:zope:zope:2.7.6:*:*:*:*:*:*:* (string)

matchCriteriaId : D827148D-4A8A-41DB-91B6-0049706D53D8 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:zope:zope:2.7.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 0273EF1B-BC64-432F-8966-68547DFAD6BC (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:zope:zope:2.7.8:*:*:*:*:*:*:* (string)

matchCriteriaId : 5A52CDCE-172C-4FAC-9015-ACF362E8E8A0 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:zope:zope:2.7.9:*:*:*:*:*:*:* (string)

matchCriteriaId : 84DFC911-D226-4F8C-840A-D5F6EBBBF0CC (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:zope:zope:2.8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 234C776B-C053-484C-ADE4-ED270064943F (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:zope:zope:2.8.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 244107E5-42B0-4695-BBC9-5B90AD0A1336 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:zope:zope:2.8.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 93785E75-3F82-471E-B802-6337A6469AF7 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:zope:zope:2.8.3:*:*:*:*:*:*:* (string)

matchCriteriaId : B34066B4-CE72-4271-9CFD-F725F7D17C89 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:zope:zope:2.8.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 9A40B0D1-1812-4BC7-AC7D-CCE6184A9DB1 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:zope:zope:2.8.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 81028DBB-7A75-4D27-8027-947F15CAA21E (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:zope:zope:2.8.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 62BCE60F-9081-44D3-87FC-396D1A954626 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:zope:zope:2.8.7:*:*:*:*:*:*:* (string)

matchCriteriaId : DBA09D22-779C-4E63-B216-B931FA11E014 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:zope:zope:2.8.8:*:*:*:*:*:*:* (string)

matchCriteriaId : B2759CCE-3A1F-4E3F-9832-8BF3AA4F20F9 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458. (string)

}

1 : { »

lang : es (string)

value : El módulo docutils en Zope (Zope2) desde 2.7.0 hasta 2.7.9 y desde 2.8.0 hasta 2.8.8 no maneja adecuadamente páginas web con el marcado reStructuredText (reST), lo cual permite a atacantes remotos leer ficheros de su elección vía una directiva csv_table, una vulnerabilidad diferente que CVE-2006-3458. (string)

}

]

id : CVE-2006-4684 (string)

lastModified : 2025-04-03T01:03:51.193 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2006-09-19T18:07:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/21947 (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/21953 (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.debian.org/security/2006/dsa-1176 (string)

}

4 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/bid/20022 (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://www.vupen.com/english/advisories/2006/3653 (string)

}

6 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

]

url : http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://mail.zope.org/pipermail/zope-announce/2006-August/002005.html (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/21947 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/21953 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.debian.org/security/2006/dsa-1176 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/20022 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.vupen.com/english/advisories/2006/3653 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-Other (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object