BugTraq
Back to list
|
Post reply
[CVE-2012-1622] Apache OFBiz information disclosure vulnerability
Apr 15 2012 01:34PM
Jacopo Cappellato (jacopoc apache org)
CVE-2012-1622: Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors
Severity: Critical
Vendor:
The Apache Software Foundation - Apache OFBiz
======Versions Affected======
Apache OFBiz 10.04 (also known as 10.04.01)
======Description======
Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors
====== Mitigation======
10.04 users should upgrade to 10.04.02
======Credit======
This issue was discovered by Jacopo Cappellato, Apache OFBiz project-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
iQIcBAEBAgAGBQJPis5KAAoJEHpYCQiEevngkJIP/04x7FympWvcFm22aA2nv7eX
v6iL8D9VP8uy3EeClARr1WeiB/7iOHCpqWDH/e1e2UnKdN2qH89KacXS21X+Agfs
XnB1kHtolKpj8/3c1M1ZXu3cYTTAEuM1Ljfp0F2dUO6A7XhnbF05aJhXIWzC75iX
pmhvvHblgq0m1DInEHCP3o4xIYMOhwdXlH7ATcQFXohT4pQ9ZDq1awm3qTp1QFZ0
qvKy65/yIijq6LtqMJBu8eqWEueX0CDD2BcwVLavAtojJVbvTRc2xc4GxgfQv4xa
cDX152Lv5aXeujzFz2auddx9/lYlUSiOw5deO6lH8I7s4XLcG8XY5CCImX0zs9zn
8bUx7blFLmDZWdNxv2XxiX7vy8IlZp+Saul/mQMJUCtD8QY3/Ex7m1p504k6eMNM
v4sZGV0Qv1opCLgQt5Twr2ylaPJyuf2+rhaFbRX0lX4AfQFBZhoKhjOSXJLnsRhq
OoZ610OyqOiXbvJJm5Bg6lB1gK9N2LkOXYMI1qY005Ry2ZSLKVIBHfc39rhleueC
tYVSGaahu89Gip863Zxvj7EIhXx8kRrtoLBg8/v20Le4cNNOaGklolemTEqbTnkq
T3CzAjNWJM6Cs12QwrjdTpj8bGjogoTw7dci+k8joR2rgyhLs8nh/tr2jySX/RAL
0SXUKYG649BA2ZIk18vK
=oXpM
-----END PGP SIGNATURE-----
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Severity: Critical
Vendor:
The Apache Software Foundation - Apache OFBiz
======Versions Affected======
Apache OFBiz 10.04 (also known as 10.04.01)
======Description======
Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors
====== Mitigation======
10.04 users should upgrade to 10.04.02
======Credit======
This issue was discovered by Jacopo Cappellato, Apache OFBiz project-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
iQIcBAEBAgAGBQJPis5KAAoJEHpYCQiEevngkJIP/04x7FympWvcFm22aA2nv7eX
v6iL8D9VP8uy3EeClARr1WeiB/7iOHCpqWDH/e1e2UnKdN2qH89KacXS21X+Agfs
XnB1kHtolKpj8/3c1M1ZXu3cYTTAEuM1Ljfp0F2dUO6A7XhnbF05aJhXIWzC75iX
pmhvvHblgq0m1DInEHCP3o4xIYMOhwdXlH7ATcQFXohT4pQ9ZDq1awm3qTp1QFZ0
qvKy65/yIijq6LtqMJBu8eqWEueX0CDD2BcwVLavAtojJVbvTRc2xc4GxgfQv4xa
cDX152Lv5aXeujzFz2auddx9/lYlUSiOw5deO6lH8I7s4XLcG8XY5CCImX0zs9zn
8bUx7blFLmDZWdNxv2XxiX7vy8IlZp+Saul/mQMJUCtD8QY3/Ex7m1p504k6eMNM
v4sZGV0Qv1opCLgQt5Twr2ylaPJyuf2+rhaFbRX0lX4AfQFBZhoKhjOSXJLnsRhq
OoZ610OyqOiXbvJJm5Bg6lB1gK9N2LkOXYMI1qY005Ry2ZSLKVIBHfc39rhleueC
tYVSGaahu89Gip863Zxvj7EIhXx8kRrtoLBg8/v20Le4cNNOaGklolemTEqbTnkq
T3CzAjNWJM6Cs12QwrjdTpj8bGjogoTw7dci+k8joR2rgyhLs8nh/tr2jySX/RAL
0SXUKYG649BA2ZIk18vK
=oXpM
-----END PGP SIGNATURE-----
[ reply ]