← Back

CVE-2006-4684

nvd nist
Published: Sep 19, 2006Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.

Affected (19)

Products: Zope: Zope
Zope
1 product
Zope
Configuration A
19 vulnerable
Vulnerable SoftwareAffected Versions
Zope
Zope
Version 2.7.0
Zope
Version 2.7.1
Zope
Version 2.7.2
Zope
Version 2.7.3
Zope
Version 2.7.4
Zope
Version 2.7.5
Zope
Version 2.7.6
Zope
Version 2.7.7
Zope
Version 2.7.8
Zope
Version 2.7.9
Zope
Version 2.8.0
Zope
Version 2.8.1
Zope
Version 2.8.2
Zope
Version 2.8.3
Zope
Version 2.8.4
Zope
Version 2.8.5
Zope
Version 2.8.6
Zope
Version 2.8.7
Zope
Version 2.8.8

References (14)

Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.