CVE-2010-3198
First published: Wed Sep 08 2010(Updated: )
ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service (crash of worker threads) via vectors that trigger uncaught exceptions.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zope Zope | =2.10.8 | |
| Zope Zope | =2.10.5 | |
| Zope Zope | =2.10.4-final | |
| Zope Zope | =2.11.1 | |
| Zope Zope | =2.10.7 | |
| Zope Zope | =2.11.3 | |
| Zope Zope | =2.10.10 | |
| Zope Zope | =2.10.11 | |
| Zope Zope | =2.10.0-b1 | |
| Zope Zope | =2.11.0c1 | |
| Zope Zope | =2.11.5 | |
| Zope Zope | =2.11.2 | |
| Zope Zope | =2.10.0-c1 | |
| Zope Zope | =2.11.0 | |
| Zope Zope | =2.11.0a1 | |
| Zope Zope | =2.10.2-b1 | |
| Zope Zope | =2.10.2 | |
| Zope Zope | =2.10.3-final | |
| Zope Zope | =2.10.0-b2 | |
| Zope Zope | =2.10.3 | |
| Zope Zope | =2.10.6 | |
| Zope Zope | =2.10.9 | |
| Zope Zope | =2.10.0-final | |
| Zope Zope | =2.10.2-final | |
| Zope Zope | =2.11.6 | |
| Zope Zope | =2.11.4 | |
| Zope Zope | =2.11.0b1 | |
| pip/Zope | >=2.11.0<2.11.7 | 2.11.7 |
| pip/Zope | >=2.10.0<2.10.12 | 2.10.12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://mail.zope.org/pipermail/zope-announce/2010-September/002247.html
- http://www.zope.org/Products/Zope/2.10.12/CHANGES.txt
- http://www.vupen.com/english/advisories/2010/2275
- http://www.securityfocus.com/bid/42939
- http://www.zope.org/Products/Zope/2.11.7/CHANGES.txt
- https://bugs.launchpad.net/zope2/+bug/627988
- https://nvd.nist.gov/vuln/detail/CVE-2010-3198
- https://github.com/zopefoundation/Zope/commit/0f2f56f63e4a4d695ee670e02b317e900550dbac
- https://github.com/zopefoundation/Zope/commit/e03a5f036d42ed2426886c9035fe018eeec65de4
- https://web.archive.org/web/20200229173503/http://www.securityfocus.com/bid/42939
- https://github.com/advisories/GHSA-qh4q-fwf8-qqrw (Advisory)
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/remedy
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-qh4q-fwf8-qqrw
- alias/CVE-2010-3198
- agent/software-canonical-lookup
- agent/severity
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/description
- agent/event
- collector/nvd-cve
- source/NVD
- agent/author
- collector/github-advisory
- agent/weakness
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/zope
- canonical/zope zope
- version/zope zope/2.10.8
- version/zope zope/2.10.5
- version/zope zope/2.10.4-final
- version/zope zope/2.11.1
- version/zope zope/2.10.7
- version/zope zope/2.11.3
- version/zope zope/2.10.10
- version/zope zope/2.10.11
- version/zope zope/2.10.0-b1
- version/zope zope/2.11.0c1
- version/zope zope/2.11.5
- version/zope zope/2.11.2
- version/zope zope/2.10.0-c1
- version/zope zope/2.11.0
- version/zope zope/2.11.0a1
- version/zope zope/2.10.2-b1
- version/zope zope/2.10.2
- version/zope zope/2.10.3-final
- version/zope zope/2.10.0-b2
- version/zope zope/2.10.3
- version/zope zope/2.10.6
- version/zope zope/2.10.9
- version/zope zope/2.10.0-final
- version/zope zope/2.10.2-final
- version/zope zope/2.11.6
- version/zope zope/2.11.4
- version/zope zope/2.11.0b1
- package-manager/pip