CVE-2005-3323

critical

Description

docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.

References

Advisories
More

http://www.securityfocus.com/bid/15082

http://www.novell.com/linux/security/advisories/2005_27_sr.html

http://www.gentoo.org/security/en/glsa/glsa-200510-20.xml

http://www.debian.org/security/2005/dsa-910

http://secunia.com/advisories/17676

http://secunia.com/advisories/17309

http://secunia.com/advisories/17173

https://usn.ubuntu.com/229-1/

http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert

Details

Source: Mitre, NVD

Published: 2005-10-27

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.02297

Detections

Analytics