CVE Vulnerabilities

CVE-2009-2701

Published: Sep 08, 2009 | Modified: Sep 09, 2009
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unspecified vulnerability in the Zope Enterprise Objects (ZEO) storage-server functionality in Zope Object Database (ZODB) 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via unknown vectors.

Affected Software

Name Vendor Start Version End Version
Zodb Zope 3.8 3.8
Zodb Zope 3.8.0 3.8.0
Zodb Zope 3.8.1 3.8.1
Zodb Zope 3.8.2 3.8.2
Zodb Zope 3.9.0 3.9.0
Zodb Zope 3.9.0b1 3.9.0b1
Zodb Zope 3.9.0b2 3.9.0b2
Zodb Zope 3.9.0b3 3.9.0b3
Zodb Zope 3.9.0b4 3.9.0b4
Zodb Zope 3.9.0b5 3.9.0b5
Zodb Zope 3.9.0c1 3.9.0c1

References