Vulnerability Details : CVE-2006-3458
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
Products affected by CVE-2006-3458
- cpe:2.3:a:zope:zope:2.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.7.8:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.7.6:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:zope:zope:2.9.3:*:*:*:*:*:*:*
Threat overview for CVE-2006-3458
- Top open port discovered on systems with this issue: 8080
- IPs affected by CVE-2006-3458: 13
- Threat actors abusing this issue? Yes
Powered by attack surface intelligence from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2006-3458
- EPSS score: 0.10% (probability of exploitation activity in the next 30 days)
- Percentile: ~25% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2006-3458
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N | 3.9 | 2.9 | NIST | |
References for CVE-2006-3458
- http://mail.zope.org/pipermail/zope-announce/2006-July/001984.html ([Zope-Annce] Serious security problem with Zope 2)
- http://secunia.com/advisories/21130 (Vendor Advisory)
- http://www.novell.com/linux/security/advisories/2006_19_sr.html
- https://usn.ubuntu.com/317-1/
- http://secunia.com/advisories/21025 (Vendor Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27636
- http://www.securityfocus.com/bid/18856
- http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt
- http://secunia.com/advisories/20988 (Vendor Advisory)
- http://secunia.com/advisories/21459 (Vendor Advisory)
- http://www.vupen.com/english/advisories/2006/2681 (Vendor Advisory)
- http://www.debian.org/security/2006/dsa-1113