ByteOS Network

Vulnerability Details :

CVE-2006-3458

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-07 Jul, 2006 | 23:00

Updated At-07 Aug, 2024 | 18:30

Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:07 Jul, 2006 | 23:00

Updated At:07 Aug, 2024 | 18:30

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://secunia.com/advisories/21025	third-party-advisory x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/27636	vdb-entry x_refsource_XF
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2006/2681	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/21130	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/21459	third-party-advisory x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2006_19_sr.html	vendor-advisory x_refsource_SUSE
http://www.debian.org/security/2006/dsa-1113	vendor-advisory x_refsource_DEBIAN
http://www.securityfocus.com/bid/18856	vdb-entry x_refsource_BID
http://secunia.com/advisories/20988	third-party-advisory x_refsource_SECUNIA
http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html	mailing-list x_refsource_MLIST
https://usn.ubuntu.com/317-1/	vendor-advisory x_refsource_UBUNTU

Hyperlink: http://secunia.com/advisories/21025

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27636

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2006/2681

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/21130

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/21459

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.novell.com/linux/security/advisories/2006_19_sr.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://www.debian.org/security/2006/dsa-1113

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://www.securityfocus.com/bid/18856

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://secunia.com/advisories/20988

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://usn.ubuntu.com/317-1/

Resource:

vendor-advisory

x_refsource_UBUNTU

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://secunia.com/advisories/21025	third-party-advisory x_refsource_SECUNIA x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/27636	vdb-entry x_refsource_XF x_transferred
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2006/2681	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/21130	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/21459	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.novell.com/linux/security/advisories/2006_19_sr.html	vendor-advisory x_refsource_SUSE x_transferred
http://www.debian.org/security/2006/dsa-1113	vendor-advisory x_refsource_DEBIAN x_transferred
http://www.securityfocus.com/bid/18856	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/20988	third-party-advisory x_refsource_SECUNIA x_transferred
http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html	mailing-list x_refsource_MLIST x_transferred
https://usn.ubuntu.com/317-1/	vendor-advisory x_refsource_UBUNTU x_transferred

Hyperlink: http://secunia.com/advisories/21025

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27636

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2006/2681

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/21130

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/21459

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.novell.com/linux/security/advisories/2006_19_sr.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://www.debian.org/security/2006/dsa-1113

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://www.securityfocus.com/bid/18856

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://secunia.com/advisories/20988

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://usn.ubuntu.com/317-1/

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:07 Jul, 2006 | 23:05

Updated At:03 Apr, 2025 | 01:03

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 2.1

Base severity: LOW

Vector:

AV:L/AC:L/Au:N/C:P/I:N/A:N

CPE Matches

zope>>zope>>2.7.0

cpe:2.3:a:zope:zope:2.7.0:*:*:*:*:*:*:*

zope>>zope>>2.7.1

cpe:2.3:a:zope:zope:2.7.1:*:*:*:*:*:*:*

zope>>zope>>2.7.2

cpe:2.3:a:zope:zope:2.7.2:*:*:*:*:*:*:*

zope>>zope>>2.7.3

cpe:2.3:a:zope:zope:2.7.3:*:*:*:*:*:*:*

zope>>zope>>2.7.4

cpe:2.3:a:zope:zope:2.7.4:*:*:*:*:*:*:*

zope>>zope>>2.7.5

cpe:2.3:a:zope:zope:2.7.5:*:*:*:*:*:*:*

zope>>zope>>2.7.6

cpe:2.3:a:zope:zope:2.7.6:*:*:*:*:*:*:*

zope>>zope>>2.7.7

cpe:2.3:a:zope:zope:2.7.7:*:*:*:*:*:*:*

zope>>zope>>2.7.8

cpe:2.3:a:zope:zope:2.7.8:*:*:*:*:*:*:*

zope>>zope>>2.8.0

cpe:2.3:a:zope:zope:2.8.0:*:*:*:*:*:*:*

zope>>zope>>2.8.1

cpe:2.3:a:zope:zope:2.8.1:*:*:*:*:*:*:*

zope>>zope>>2.8.2

cpe:2.3:a:zope:zope:2.8.2:*:*:*:*:*:*:*

zope>>zope>>2.8.3

cpe:2.3:a:zope:zope:2.8.3:*:*:*:*:*:*:*

zope>>zope>>2.8.4

cpe:2.3:a:zope:zope:2.8.4:*:*:*:*:*:*:*

zope>>zope>>2.8.5

cpe:2.3:a:zope:zope:2.8.5:*:*:*:*:*:*:*

zope>>zope>>2.8.6

cpe:2.3:a:zope:zope:2.8.6:*:*:*:*:*:*:*

zope>>zope>>2.8.7

cpe:2.3:a:zope:zope:2.8.7:*:*:*:*:*:*:*

zope>>zope>>2.9.0

cpe:2.3:a:zope:zope:2.9.0:*:*:*:*:*:*:*

zope>>zope>>2.9.1

cpe:2.3:a:zope:zope:2.9.1:*:*:*:*:*:*:*

zope>>zope>>2.9.2

cpe:2.3:a:zope:zope:2.9.2:*:*:*:*:*:*:*

zope>>zope>>2.9.3

cpe:2.3:a:zope:zope:2.9.3:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html	cve@mitre.org	N/A
http://secunia.com/advisories/20988	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/21025	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/21130	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/21459	cve@mitre.org	Vendor Advisory
http://www.debian.org/security/2006/dsa-1113	cve@mitre.org	N/A
http://www.novell.com/linux/security/advisories/2006_19_sr.html	cve@mitre.org	N/A
http://www.securityfocus.com/bid/18856	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2006/2681	cve@mitre.org	Vendor Advisory
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27636	cve@mitre.org	N/A
https://usn.ubuntu.com/317-1/	cve@mitre.org	N/A
http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/20988	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://secunia.com/advisories/21025	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://secunia.com/advisories/21130	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://secunia.com/advisories/21459	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.debian.org/security/2006/dsa-1113	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.novell.com/linux/security/advisories/2006_19_sr.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/18856	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2006/2681	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27636	af854a3a-2127-422b-91ae-364da2661108	N/A
https://usn.ubuntu.com/317-1/	af854a3a-2127-422b-91ae-364da2661108	N/A