Bugtraq mailing list archives
[CVE-2012-1622] Apache OFBiz information disclosure vulnerability
From: Jacopo Cappellato <jacopoc () apache org>
Date: Sun, 15 Apr 2012 15:34:02 +0200
CVE-2012-1622: Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors Severity: Critical Vendor: The Apache Software Foundation - Apache OFBiz ======Versions Affected====== Apache OFBiz 10.04 (also known as 10.04.01) ======Description====== Apache OFBiz 10.04 and later allows remote attackers to execute arbitrary code via unspecified vectors ====== Mitigation====== 10.04 users should upgrade to 10.04.02 ======Credit====== This issue was discovered by Jacopo Cappellato, Apache OFBiz project
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Current thread:
- [CVE-2012-1622] Apache OFBiz information disclosure vulnerability Jacopo Cappellato (Apr 16)