← Back

CVE-2009-2701

nvd nist
Published: Sep 8, 2009Modified: Apr 23, 2026

JSON object

Loading...
6.0
Vector
AV:N/AC:M/Au:S/C:P/I:P/A:P
Exploitability: 6.8 / Impact: 6.4
Source: NVD

Description

Unspecified vulnerability in the Zope Enterprise Objects (ZEO) storage-server functionality in Zope Object Database (ZODB) 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via unknown vectors.

Affected (11)

Products: Zope: Zodb
Zope
1 product
Zodb
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Zope
Zodb
Version 3.8.0
Zodb
Version 3.8.1
Zodb
Version 3.8.2
Zodb
Version 3.8
Zodb
Version 3.9.0
Zodb
Version 3.9.0b1
Zodb
Version 3.9.0b2
Zodb
Version 3.9.0b3
Zodb
Version 3.9.0b4
Zodb
Version 3.9.0b5
Zodb
Version 3.9.0c1

References (8)

Source: cve@mitre.org
Patch
Source: cve@mitre.org
Patch
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.