CyberSec.Space Logo
CVEブラウザに戻る

CVE-2012-3506

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0340%
EPSS Percentile29.40th
Published2012年10月25日
Last Modified2026年4月29日

Vulnerability Description

Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.

Affected Platforms (CPE)

📦
Apache

Ofbiz

= 10.04.01
📦
Apache

Ofbiz

= 10.04.02

References & Advisories

🔗 http://ofbiz.apache.org/download.html#vulnerabilities
🔗 http://osvdb.org/86556
🔗 http://seclists.org/fulldisclosure/2012/Oct/156
🔗 http://www.securityfocus.com/bid/56171
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/79540
🔗 http://ofbiz.apache.org/download.html#vulnerabilities
🔗 http://osvdb.org/86556
🔗 http://seclists.org/fulldisclosure/2012/Oct/156

関連する脆弱性情報

CVE-2013-225010.0

Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote atta...

CVE-2018-172009.8

The Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtool...

CVE-2019-100749.8

An RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when encoding has been disabled on ...

CVE-2019-01899.8

The java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is exposed by the "webtools/control/htt...