CVE-2009-0668
Published: 7 August 2009
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.
Notes
Author | Note |
---|---|
mdeslaur | patch in RH bug report is not the final version. |
Priority
Status
Package | Release | Status |
---|---|---|
zodb Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needs-triage)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Not vulnerable
(1:3.9.0-2)
|
|
lucid |
Not vulnerable
|
|
maverick |
Not vulnerable
|
|
natty |
Not vulnerable
|
|
oneiric |
Not vulnerable
|
|
upstream |
Released
(3.8.2)
|
|
zope2.10 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Released
(2.10.6-1+lenny1build0.8.10.1)
|
|
jaunty |
Released
(2.10.6-1+lenny1build0.9.04.1)
|
|
karmic |
Not vulnerable
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Released
(2.10.9-1)
|
|
zope2.11 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
zope2.8 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
zope2.9 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needs-triage)
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
zope3 Launchpad, Ubuntu, Debian |
dapper |
Released
(3.2.1-1ubuntu1.2)
|
hardy |
Released
(3.3.1-5ubuntu2.2)
|
|
intrepid |
Released
(3.3.1-7ubuntu0.2)
|
|
jaunty |
Released
(3.4.0-0ubuntu3.3)
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
Patches: vendor: https://bugzilla.redhat.com/attachment.cgi?id=354876 |