FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374826
Date:      2014-12-16
Time:      22:06:31Z
Committer: cs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
34414a1e-e377-11db-b8ab-000c76189c4czope -- cross-site scripting vulnerability

The Zope Team reports:

A vulnerability has been discovered in Zope, where by certain types of misuse of HTTP GET, an attacker could gain elevated privileges. All Zope versions up to and including 2.10.2 are affected.


Discovery 2007-01-16
Entry 2007-04-05
Modified 2009-03-22
zope
lt 2.7.9_2

ge 2.8.0 le 2.8.8

ge 2.9.0 le 2.9.6

ge 2.10.0 le 2.10.2

plone
lt 2.5.3

23084
CVE-2007-0240
ports/111119
http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
http://plone.org/products/plone/releases/2.5.3
5f2a0c40-1322-11db-bd23-000475abc56fzope -- information disclosure vulnerability

Zope team reports:

Unspecified vulnerability in (Zope2) allows local users to obtain sensitive information via unknown attack vectors related to the docutils module and "restructured text".


Discovery 2006-07-05
Entry 2006-07-14
zope
ge 2.7.0 lt 2.7.9

ge 2.8.0 lt 2.8.7

ge 2.9.0 lt 2.9.3

CVE-2006-3458
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-2006-07-05/view
65a8f773-4a37-11db-a4cc-000a48049292zope -- restructuredText "csv_table" Information Disclosure

Secunia reports:

A vulnerability has been reported in Zope, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the use of the docutils module to parse and render "restructured" text. This can be exploited to disclose certain information via the "csv_table" reStructuredText directive.


Discovery 2006-08-21
Entry 2006-09-22
Modified 2006-12-27
zope
ge 2.7.0 lt 2.7.9_1

ge 2.8.0 lt 2.8.8_1

20022
CVE-2006-4684
http://secunia.com/advisories/21947/
http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt
65a8f773-4a37-11db-a4cc-000a48049292zope -- restructuredText "csv_table" Information Disclosure

Secunia reports:

A vulnerability has been reported in Zope, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the use of the docutils module to parse and render "restructured" text. This can be exploited to disclose certain information via the "csv_table" reStructuredText directive.


Discovery 2006-08-21
Entry 2006-09-22
Modified 2006-12-27
zope
ge 2.7.0 lt 2.7.9_1

ge 2.8.0 lt 2.8.8_1

20022
CVE-2006-4684
http://secunia.com/advisories/21947/
http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/README.txt
34414a1e-e377-11db-b8ab-000c76189c4czope -- cross-site scripting vulnerability

The Zope Team reports:

A vulnerability has been discovered in Zope, where by certain types of misuse of HTTP GET, an attacker could gain elevated privileges. All Zope versions up to and including 2.10.2 are affected.


Discovery 2007-01-16
Entry 2007-04-05
Modified 2009-03-22
zope
lt 2.7.9_2

ge 2.8.0 le 2.8.8

ge 2.9.0 le 2.9.6

ge 2.10.0 le 2.10.2

plone
lt 2.5.3

23084
CVE-2007-0240
ports/111119
http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
http://plone.org/products/plone/releases/2.5.3
5f2a0c40-1322-11db-bd23-000475abc56fzope -- information disclosure vulnerability

Zope team reports:

Unspecified vulnerability in (Zope2) allows local users to obtain sensitive information via unknown attack vectors related to the docutils module and "restructured text".


Discovery 2006-07-05
Entry 2006-07-14
zope
ge 2.7.0 lt 2.7.9

ge 2.8.0 lt 2.8.7

ge 2.9.0 lt 2.9.3

CVE-2006-3458
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-2006-07-05/view