Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-5102

Опубликовано: 17 нояб. 2008
Источник: nvd
CVSS2: 4
EPSS Средний

Описание

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.

Комментарий

http://www.zope.org/Products/Zope/Hotfix-2008-08-12/README.txt

Affected Versions

  • Zope 2.7.0 to Zope 2.11.2

http://openwall.com/lists/oss-security/2008/11/12/2

Affected Conga versions: - checked conga-0.9.1-8 (contains Zope2.7.5 RC2), conga-0.12.0-7.el5 (contains Zope-2.8.4), - but older,newer Conga versions can be also vulnerable to this issue (based on Zope 2 version).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zope:zope:*:*:*:*:*:*:*:*
Версия до 2.11.2 (включая)
cpe:2.3:a:zope:zope:1.10.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:1.10.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.0.0a4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.0.0b4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.0.0b5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.0.0b6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.0b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.0b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0a1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0b3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.0b4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.1b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.4b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.2.5b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.0a1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.0a2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.0b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.0b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.0b3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.1b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.1b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.1b3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.2b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.2b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.3.3b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.0a1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.0b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.0b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.0b3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.1b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.2b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.3:upgrade:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.3b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.4:upgrade:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.4.4b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.0a1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.0a2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.0b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.1:upgrade:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.1b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.1b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.0a1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.0b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.0b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.1:upgrade:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.1.b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.2.b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.2.b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.2.b3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.2.b4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.2.b5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.2.b6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.4:rc1:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.6.4:rc2:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.0-a1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.0-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.0-b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.0-b3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.0-b4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.0-c1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.0-c2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.0-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.1-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.1-b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.1-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.2-c1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.2-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.3-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.3-b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.3-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.4-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.4-b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.4-c1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.4-c2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.4-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.5-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.5-c1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.5-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.6-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.6-b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.6-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.7-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.7-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.8:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.7.9:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.0-a1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.0-a2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.0-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.0-b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.0-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.1-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.1-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.7:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.8:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.9:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.9.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.8.10:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.0-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.0-b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.0-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.3:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.7:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.8:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.9:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.9.10:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.0-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.0-b2:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.0-c1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.0-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.2-b1:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.2-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.3-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.4-final:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.5:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.6:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.10.7:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.11.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.11.1:*:*:*:*:*:*:*

EPSS

Процентиль: 92%
0.10503
Средний

4 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

ubuntu логотип

CVE-2008-5102

ubuntu
около 17 лет назад

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.

redhat логотип

CVE-2008-5102

redhat
около 17 лет назад

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.

debian логотип

CVE-2008-5102

debian
около 17 лет назад

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other ...

github логотип

GHSA-jm43-8whq-422w

github
больше 3 лет назад

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.

EPSS

Процентиль: 92%
0.10503
Средний

4 Medium

CVSS2

Дефекты

CWE-399
Уязвимость CVE-2008-5102