CVE Vulnerabilities

CVE-2000-1211

Published: Dec 16, 2000 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

Affected Software

Name Vendor Start Version End Version
Zope Zope 2.2.0 2.2.0
Zope Zope 2.2.0a1 2.2.0a1
Zope Zope 2.2.0b1 2.2.0b1
Zope Zope 2.2.0b2 2.2.0b2
Zope Zope 2.2.0b3 2.2.0b3
Zope Zope 2.2.0b4 2.2.0b4
Zope Zope 2.2.1 2.2.1
Zope Zope 2.2.1b1 2.2.1b1
Zope Zope 2.2.2 2.2.2
Zope Zope 2.2.3 2.2.3
Zope Zope 2.2.4 2.2.4

References