PT-2010-4637 · Zope · Zope

Do3Cc

Published

2010-09-08

Updated

2022-05-17

CVE-2010-3198

CVSS v4.0

8.7

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Zope versions 2.10.x through 2.10.11 Zope versions 2.11.x through 2.11.6

Description The issue allows remote attackers to cause a denial of service, leading to the crash of worker threads, via vectors that trigger uncaught exceptions.

Recommendations For Zope versions 2.10.x through 2.10.11, update to version 2.10.12 or later. For Zope versions 2.11.x through 2.11.6, update to version 2.11.7 or later.

Exploit

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2010-3198

GHSA-QH4Q-FWF8-QQRW

PYSEC-2010-32

PYSEC-2010-33

Affected Products

Zope

PT-2010-4637 · Zope · Zope

CVE-2010-3198

Weakness Enumeration

Related Identifiers

Affected Products

References · 16