Vulnerability Description
docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zope | Zope | >= 2.7.0, < 2.7.8 |
| Debian | Debian Linux | 3.0 |
References
- http://secunia.com/advisories/17173Third Party Advisory
- http://secunia.com/advisories/17309Third Party Advisory
- http://secunia.com/advisories/17676Third Party Advisory
- http://www.debian.org/security/2005/dsa-910Third Party Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200510-20.xmlThird Party Advisory
- http://www.novell.com/linux/security/advisories/2005_27_sr.htmlThird Party Advisory
- http://www.securityfocus.com/bid/15082Third Party AdvisoryVDB Entry
- http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alertPatchVendor Advisory
- https://usn.ubuntu.com/229-1/
- http://secunia.com/advisories/17173Third Party Advisory
- http://secunia.com/advisories/17309Third Party Advisory
- http://secunia.com/advisories/17676Third Party Advisory
- http://www.debian.org/security/2005/dsa-910Third Party Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200510-20.xmlThird Party Advisory
- http://www.novell.com/linux/security/advisories/2005_27_sr.htmlThird Party Advisory
FAQ
What is CVE-2005-3323?
CVE-2005-3323 is a vulnerability with a CVSS score of 7.5 (HIGH). docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.
How severe is CVE-2005-3323?
CVE-2005-3323 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3323?
Check the references section above for vendor advisories and patch information. Affected products include: Zope Zope, Debian Debian Linux.