CVE-2002-0170

Published: Apr 22, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.

Affected (17)

Products: Zope: Zope

1 product

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Zope Zope	Version 2.2.0
Zope Zope	Version 2.2.1
Zope Zope	Version 2.2.2
Zope Zope	Version 2.2.3
Zope Zope	Version 2.2.4
Zope Zope	Version 2.2.5
Zope Zope	Version 2.3.0
Zope Zope	Version 2.3.1
Zope Zope	Version 2.3.2
Zope Zope	Version 2.3.3
Zope Zope	Version 2.4.0
Zope Zope	Version 2.4.1
Zope Zope	Version 2.4.2
Zope Zope	Version 2.4.3
Zope Zope	Version 2.4.4b1
Zope Zope	Version 2.5.0
Zope Zope	Version 2.5.1b1

References (12)

http://marc.info/?l=bugtraq&m=101503023511996&w=2

Source: cve@mitre.org

http://www.iss.net/security_center/static/8334.php

Source: cve@mitre.org

http://www.osvdb.org/5350

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2002-060.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/4229

Source: cve@mitre.org

http://www.zope.org/Products/Zope/hotfixes/

Source: cve@mitre.org

PatchVendor Advisory

http://marc.info/?l=bugtraq&m=101503023511996&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/8334.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/5350

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2002-060.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/4229

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zope.org/Products/Zope/hotfixes/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.