OFBiz OFBiz - User

[CVE-2012-1622] Apache OFBiz information disclosure vulnerability

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
jacopoc
Reply | Threaded
Open this post in threaded view
|

[CVE-2012-1622] Apache OFBiz information disclosure vulnerability

jacopoc
CVE-2012-1622: Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors

Severity: Critical

Vendor:
The Apache Software Foundation - Apache OFBiz

======Versions Affected======

Apache OFBiz 10.04 (also known as 10.04.01)

======Description======

Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors

====== Mitigation======

10.04 users should upgrade to 10.04.02

======Credit======

This issue was discovered by Jacopo Cappellato, Apache OFBiz project

signature.asc (858 bytes) Download Attachment
Free forum by Nabble Edit this page