Vulnerabilities > CVE-2002-0170 - Unspecified vulnerability in Zope

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

zope

NVD

Published: 2002-04-22

Updated: 2016-10-18

Summary

Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.

Vulnerable Configurations

Part	Description	Count
Application	Zope Zope Zope 2.4.0 Zope Zope 2.2.1 Zope Zope 2.3.1 Zope Zope 2.4.4B1 Zope Zope 2.2.0 Zope Zope 2.3.2 Zope Zope 2.5.1B1 Zope Zope 2.5.0 Zope Zope 2.4.1 Zope Zope 2.2.4 Zope Zope 2.4.2 Zope Zope 2.4.3 Zope Zope 2.2.2 Zope Zope 2.2.5 Zope Zope 2.3.0 Zope Zope 2.3.3 Zope Zope 2.2.3	17

Redhat

advisories

rhsa

id	RHSA-2002:060

References

http://www.zope.org/Products/Zope/hotfixes/
http://www.redhat.com/support/errata/RHSA-2002-060.html
http://www.iss.net/security_center/static/8334.php
http://www.securityfocus.com/bid/4229
http://www.osvdb.org/5350
http://marc.info/?l=bugtraq&m=101503023511996&w=2