Vulnerability Details CVE-2009-0668
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.3%
CVSS Severity
CVSS v2 Score 6.5
References
- http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html
- http://osvdb.org/56827
- http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2
- http://secunia.com/advisories/36204
- http://secunia.com/advisories/36205
- http://www.securityfocus.com/bid/35987
- http://www.vupen.com/english/advisories/2009/2217
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52377
- http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html
- http://osvdb.org/56827
- http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2
- http://secunia.com/advisories/36204
- http://secunia.com/advisories/36205
- http://www.securityfocus.com/bid/35987
- http://www.vupen.com/english/advisories/2009/2217
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52377
Products affected by CVE-2009-0668
-
cpe:2.3:a:zope:zodb:*
-
cpe:2.3:a:zope:zodb:2.10.9
-
cpe:2.3:a:zope:zodb:2.11.4
-
cpe:2.3:a:zope:zodb:2.8.11
-
cpe:2.3:a:zope:zodb:2.9.11
-
cpe:2.3:a:zope:zodb:3.1
-
cpe:2.3:a:zope:zodb:3.1.1
-
cpe:2.3:a:zope:zodb:3.2
-
cpe:2.3:a:zope:zodb:3.2.4
-
cpe:2.3:a:zope:zodb:3.3
-
cpe:2.3:a:zope:zodb:3.3.3
-
cpe:2.3:a:zope:zodb:3.4
-
cpe:2.3:a:zope:zodb:3.4.1
-
cpe:2.3:a:zope:zodb:3.5
-
cpe:2.3:a:zope:zodb:3.6
-
cpe:2.3:a:zope:zodb:3.7
-
cpe:2.3:a:zope:zodb:3.8.0