CVE-2009-0668
Zope Object Database < 3.8.2 - Remote Code Execution via ZEO Network Protocol
Title source: llmDescription
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.
References (8)
Core 8
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2217
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/36204
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/52377
Various Sources x_refsource_confirm
http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/36205
Various Sources mailing-list
x_refsource_mlist
http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/56827
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/35987
Scores
EPSS
0.0216
EPSS Percentile
80.0%
Details
CWE
CWE-94
Status
published
Products (18)
pypi/ZODB3
0 - 3.8.2PyPI
zope/zodb
2.8.11
zope/zodb
2.9.11
zope/zodb
2.10.9
zope/zodb
2.11.4
zope/zodb
3.1
zope/zodb
3.1.1
zope/zodb
3.2
zope/zodb
3.2.4
zope/zodb
3.3
... and 8 more
Published
Aug 07, 2009
Tracked Since
Feb 18, 2026