CVE-2009-0668

Advisory

Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.

Resources

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668
• http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html
• http://secunia.com/advisories/36204
• http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2
• http://secunia.com/advisories/36205
• http://osvdb.org/56827
• http://www.vupen.com/english/advisories/2009/2217
• http://www.securityfocus.com/bid/35987
• https://exchange.xforce.ibmcloud.com/vulnerabilities/52377