CVE-2000-1211
EPSS 0.60%Zope does not properly perform security registration for legacy names
Published: 4/30/2022Modified: 11/8/2023
Description
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Affected packages (1)
- PyPI/zope>= 2.2.0, <= 2.2.4
References (5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2000-1211
- WEBhttps://web.archive.org/web/20010910131909/http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-083.php3
- WEBhttps://web.archive.org/web/20021227061438/http://www.iss.net/security_center/static/5824.php
- WEBhttp://www.redhat.com/support/errata/RHSA-2000-125.html
- WEBhttp://www.zope.org/Products/Zope/Hotfix_2000-12-08/security_alert