Published: 14/08/2001 Updated: 10/10/2017

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Digital Creations Zope 2.3.2 and previous versions allows a local malicious user to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zope zope 7.1
zope zope 7.2

A new Zope hotfix has been released which fixes a problem in ZClasses The README for the 2001-05-01 hotfix describes the problem as `any user can visit a ZClass declaration and change the ZClass permission mappings for methods and other objects defined within the ZClass, possibly allowing for unauthorized access within the Zope instance' This hot ...

NVD-CWE-Other http://www.debian.org/security/2001/dsa-055 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-049.php3 http://www.redhat.com/support/errata/RHSA-2001-065.html http://www.zope.org/Products/Zope/Hotfix_2001-05-01/security_alert http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000407 https://exchange.xforce.ibmcloud.com/vulnerabilities/6958 https://nvd.nist.gov https://www.debian.org/security/./dsa-055

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-0567

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect