漏洞类别:Web server漏洞等级: 
漏洞信息
Zope is a dynamic HTML management package maintained by the Zope Project. Some versions of Zope contain a vulnerability that could allow remote users to modify internal Zope data structures.
A remote user may be able to delete, add, or delete attributes or methods of existing Zclasses. This could potentially interfere with normal site functionality and allow a denial of service attack on the vulnerable host.
漏洞危害
If properly exploited, this vulnerability could potentially allow disclosure of arbitrary information to a malicious user.
解决方案
Zope advises that you upgrade to a fixed package, which can be downloaded from the Zope Download site
0day
文章评论