Description

Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects.

Remediation

References

CVE-2000-1212

Related Vulnerabilities

WordPress Plugin MyBookTable Bookstore by Author Media Cross-Site Scripting (3.2.1)

WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Scripting (4.5.0)

Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.11)

WordPress Plugin ShareThis Dashboard for Google Analytics Cross-Site Scripting (2.5.1)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7134)

Severity

Medium

Classification

CVE-2000-1212

Tags

Missing Update Known Vulnerabilities