Vulnerability Description
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zope | Zodb | <= 3.8.1 |
Related Weaknesses (CWE)
References
- http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html
- http://osvdb.org/56827
- http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2
- http://secunia.com/advisories/36204Vendor Advisory
- http://secunia.com/advisories/36205Vendor Advisory
- http://www.securityfocus.com/bid/35987
- http://www.vupen.com/english/advisories/2009/2217
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52377
- http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html
- http://osvdb.org/56827
- http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2
- http://secunia.com/advisories/36204Vendor Advisory
- http://secunia.com/advisories/36205Vendor Advisory
- http://www.securityfocus.com/bid/35987
- http://www.vupen.com/english/advisories/2009/2217
FAQ
What is CVE-2009-0668?
CVE-2009-0668 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code ...
How severe is CVE-2009-0668?
CVE-2009-0668 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0668?
Check the references section above for vendor advisories and patch information. Affected products include: Zope Zodb.