FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

zope -- restructuredText "csv_table" Information Disclosure

Affected packages
2.7.0 <= zope < 2.7.9_1
2.8.0 <= zope < 2.8.8_1


VuXML ID 65a8f773-4a37-11db-a4cc-000a48049292
Discovery 2006-08-21
Entry 2006-09-22
Modified 2006-12-27

Secunia reports:

A vulnerability has been reported in Zope, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the use of the docutils module to parse and render "restructured" text. This can be exploited to disclose certain information via the "csv_table" reStructuredText directive.


Bugtraq ID 20022
CVE Name CVE-2006-4684