Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1278

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1278
Last Modified 10 Sep 2008 03:10:10
Published 10 Oct 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1278

Summary

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.

Vulnerable Systems

Application

  • Zope 2.2.0

  • Zope 2.2.1

  • Zope 2.2.2

  • Zope 2.2.3

  • Zope 2.2.4


References

REDHAT - RHSA-2001:115

MANDRAKE - MDKSA-2001:080

BID - 3425


Last Updated: 27 May 2016 10:36:36