Vulnerability Description
PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zope | Zope | <= 2.11.2 |
Related Weaknesses (CWE)
References
- http://bugs.gentoo.org/show_bug.cgi?id=246411
- http://mail.zope.org/pipermail/zope/2008-August/174025.html
- http://openwall.com/lists/oss-security/2008/11/12/2
- http://www.vupen.com/english/advisories/2008/2418
- http://www.zope.org/Products/Zope/Hotfix-2008-08-12/Hotfix_20080812-1.1.0.tar.gzPatch
- http://www.zope.org/Products/Zope/Hotfix-2008-08-12/README.txtVendor Advisory
- https://bugs.launchpad.net/zope2/+bug/257269
- https://bugs.launchpad.net/zope2/+bug/257276
- http://bugs.gentoo.org/show_bug.cgi?id=246411
- http://mail.zope.org/pipermail/zope/2008-August/174025.html
- http://openwall.com/lists/oss-security/2008/11/12/2
- http://www.vupen.com/english/advisories/2008/2418
- http://www.zope.org/Products/Zope/Hotfix-2008-08-12/Hotfix_20080812-1.1.0.tar.gzPatch
- http://www.zope.org/Products/Zope/Hotfix-2008-08-12/README.txtVendor Advisory
- https://bugs.launchpad.net/zope2/+bug/257269
FAQ
What is CVE-2008-5102?
CVE-2008-5102 is a vulnerability with a CVSS score of 4.0 (MEDIUM). PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (...
How severe is CVE-2008-5102?
CVE-2008-5102 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5102?
Check the references section above for vendor advisories and patch information. Affected products include: Zope Zope.