Main Vulnerability Database SB2017101085

SB2017101085 - Input validation error in Zope

Published: October 10, 2017 Updated: June 17, 2025

Security Bulletin ID SB2017101085

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2001-0128)

The vulnerability allows a local user to execute arbitrary code.

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

Install update from vendor's website.