CVE-2012-1622 - Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecifi

CVE-2012-1622

Summary

Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:a:apache:ofbiz:10.04:*:*:*:*:*:*:*
cpe:2.3:a:apache:ofbiz:10.04:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

d2sec via4

name Apache OFBiz 10.04.01 RCE (Windows)
url http://www.d2sec.com/exploits/apache_ofbiz_10.04.01_rce_windows.html
name Apache OFBiz 10.04.01 RCE (Linux)
url http://www.d2sec.com/exploits/apache_ofbiz_10.04.01_rce_linux.html

refmap via4

confirm	http://ofbiz.apache.org/download.html#security
mlist	[ofbiz-user] 20120415 [CVE-2012-1622] Apache OFBiz information disclosure vulnerability

Last major update

14-11-2017 - 18:35

Published

26-10-2017 - 20:29

Last modified

14-11-2017 - 18:35