CVE-2000-1211

Published: Dec 16, 2000Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

Affected (11)

Products: Zope: Zope

1 product

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Zope Zope	Version 2.2.0
Zope Zope	Version 2.2.0a1
Zope Zope	Version 2.2.0b1
Zope Zope	Version 2.2.0b2
Zope Zope	Version 2.2.0b3
Zope Zope	Version 2.2.0b4
Zope Zope	Version 2.2.1
Zope Zope	Version 2.2.1b1
Zope Zope	Version 2.2.2
Zope Zope	Version 2.2.3
Zope Zope	Version 2.2.4

References (10)

http://www.iss.net/security_center/static/5824.php

Source: cve@mitre.org

http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-083.php3

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/6282

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2000-125.html

Source: cve@mitre.org

http://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert

Source: cve@mitre.org

PatchVendor Advisory

http://www.iss.net/security_center/static/5824.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-083.php3

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.osvdb.org/6282

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2000-125.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.