CVE-2010-3198
Summary
| CVE | CVE-2010-3198 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-09-08 20:00:00 UTC |
| Updated | 2010-09-10 04:00:00 UTC |
| Description | ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service (crash of worker threads) via vectors that trigger uncaught exceptions. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Zope | Zope | 2.10.0-b1 | All | All | All |
| Application | Zope | Zope | 2.10.0-b2 | All | All | All |
| Application | Zope | Zope | 2.10.0-c1 | All | All | All |
| Application | Zope | Zope | 2.10.0-final | All | All | All |
| Application | Zope | Zope | 2.10.10 | All | All | All |
| Application | Zope | Zope | 2.10.11 | All | All | All |
| Application | Zope | Zope | 2.10.2 | All | All | All |
| Application | Zope | Zope | 2.10.2-b1 | All | All | All |
| Application | Zope | Zope | 2.10.2-final | All | All | All |
| Application | Zope | Zope | 2.10.3 | All | All | All |
| Application | Zope | Zope | 2.10.3-final | All | All | All |
| Application | Zope | Zope | 2.10.4-final | All | All | All |
| Application | Zope | Zope | 2.10.5 | All | All | All |
| Application | Zope | Zope | 2.10.6 | All | All | All |
| Application | Zope | Zope | 2.10.7 | All | All | All |
| Application | Zope | Zope | 2.10.8 | All | All | All |
| Application | Zope | Zope | 2.10.9 | All | All | All |
| Application | Zope | Zope | 2.11.0 | All | All | All |
| Application | Zope | Zope | 2.11.0a1 | All | All | All |
| Application | Zope | Zope | 2.11.0b1 | All | All | All |
| Application | Zope | Zope | 2.11.0c1 | All | All | All |
| Application | Zope | Zope | 2.11.1 | All | All | All |
| Application | Zope | Zope | 2.11.2 | All | All | All |
| Application | Zope | Zope | 2.11.3 | All | All | All |
| Application | Zope | Zope | 2.11.4 | All | All | All |
| Application | Zope | Zope | 2.11.5 | All | All | All |
| Application | Zope | Zope | 2.11.6 | All | All | All |
| Application | Zope | Zope | 2.10.0-b1 | All | All | All |
| Application | Zope | Zope | 2.10.0-b2 | All | All | All |
| Application | Zope | Zope | 2.10.0-c1 | All | All | All |
| Application | Zope | Zope | 2.10.0-final | All | All | All |
| Application | Zope | Zope | 2.10.10 | All | All | All |
| Application | Zope | Zope | 2.10.11 | All | All | All |
| Application | Zope | Zope | 2.10.2 | All | All | All |
| Application | Zope | Zope | 2.10.2-b1 | All | All | All |
| Application | Zope | Zope | 2.10.2-final | All | All | All |
| Application | Zope | Zope | 2.10.3 | All | All | All |
| Application | Zope | Zope | 2.10.3-final | All | All | All |
| Application | Zope | Zope | 2.10.4-final | All | All | All |
| Application | Zope | Zope | 2.10.5 | All | All | All |
| Application | Zope | Zope | 2.10.6 | All | All | All |
| Application | Zope | Zope | 2.10.7 | All | All | All |
| Application | Zope | Zope | 2.10.8 | All | All | All |
| Application | Zope | Zope | 2.10.9 | All | All | All |
| Application | Zope | Zope | 2.11.0 | All | All | All |
| Application | Zope | Zope | 2.11.0a1 | All | All | All |
| Application | Zope | Zope | 2.11.0b1 | All | All | All |
| Application | Zope | Zope | 2.11.0c1 | All | All | All |
| Application | Zope | Zope | 2.11.1 | All | All | All |
| Application | Zope | Zope | 2.11.2 | All | All | All |
| Application | Zope | Zope | 2.11.3 | All | All | All |
| Application | Zope | Zope | 2.11.4 | All | All | All |
| Application | Zope | Zope | 2.11.5 | All | All | All |
| Application | Zope | Zope | 2.11.6 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Zope.org - Zope 2.11.7 Changelog | CONFIRM | www.zope.org | |
| Bug #627988 “Anonymous can crash Zope2.10 and 2.11” : Bugs : Zope 2 | CONFIRM | bugs.launchpad.net | Exploit, Patch, Vendor Advisory |
| Zope.org - Zope 2.10.12 Changelog | CONFIRM | www.zope.org | |
| [Zope-Annce] Annoucement: Zope 2.10.12 and 2.11.7 Released | MLIST | mail.zope.org | Patch, Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| Zope Unspecified Denial Of Service Vulnerability | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 997369 Python (Pip) Security Update for Zope (GHSA-qh4q-fwf8-qqrw)