CVE-2006-4684

NameCVE-2006-4684
DescriptionThe docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1176-1
NVD severitymedium (attack range: remote)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
zope2.7source(unstable)(unfixed)medium
zope2.7sourcesarge2.7.5-2sarge2mediumDSA-1176-1
zope2.8source(unstable)2.8.8-2medium

Search for package or bug name: Reporting problems