CVE-2008-5102

N/A Unknown

Published: November 17, 2008 Modified: April 23, 2026

Description

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugs.gentoo.org/show_bug.cgi?id=246411

Source: cve@mitre.org

http://mail.zope.org/pipermail/zope/2008-August/174025.html

Source: cve@mitre.org

http://openwall.com/lists/oss-security/2008/11/12/2

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2418

Source: cve@mitre.org

http://www.zope.org/Products/Zope/Hotfix-2008-08-12/Hotfix_20080812-1.1.0.tar.gz

Source: cve@mitre.org

Patch

http://www.zope.org/Products/Zope/Hotfix-2008-08-12/README.txt

Source: cve@mitre.org

Vendor Advisory

https://bugs.launchpad.net/zope2/+bug/257269

Source: cve@mitre.org

https://bugs.launchpad.net/zope2/+bug/257276

Source: cve@mitre.org

http://bugs.gentoo.org/show_bug.cgi?id=246411