--Apple-Mail=_99F55024-B832-4266-8770-4E92B719D02C
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

CVE-2012-1622: Apache OFBiz 10.04 and later allows remote attackers to =
execute arbitrary code via unspecified vectors

Severity: Critical

Vendor:
The Apache Software Foundation - Apache OFBiz

=3D=3D=3D=3D=3D=3DVersions Affected=3D=3D=3D=3D=3D=3D

Apache OFBiz 10.04 (also known as 10.04.01)

=3D=3D=3D=3D=3D=3DDescription=3D=3D=3D=3D=3D=3D

Apache OFBiz 10.04 and later allows remote attackers to execute =
arbitrary code via unspecified vectors

=3D=3D=3D=3D=3D=3D Mitigation=3D=3D=3D=3D=3D=3D

10.04 users should upgrade to 10.04.02

=3D=3D=3D=3D=3D=3DCredit=3D=3D=3D=3D=3D=3D

This issue was discovered by Jacopo Cappellato, Apache OFBiz project=

--Apple-Mail=_99F55024-B832-4266-8770-4E92B719D02C
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)

iQIcBAEBAgAGBQJPis5KAAoJEHpYCQiEevngkJIP/04x7FympWvcFm22aA2nv7eX
v6iL8D9VP8uy3EeClARr1WeiB/7iOHCpqWDH/e1e2UnKdN2qH89KacXS21X+Agfs
XnB1kHtolKpj8/3c1M1ZXu3cYTTAEuM1Ljfp0F2dUO6A7XhnbF05aJhXIWzC75iX
pmhvvHblgq0m1DInEHCP3o4xIYMOhwdXlH7ATcQFXohT4pQ9ZDq1awm3qTp1QFZ0
qvKy65/yIijq6LtqMJBu8eqWEueX0CDD2BcwVLavAtojJVbvTRc2xc4GxgfQv4xa
cDX152Lv5aXeujzFz2auddx9/lYlUSiOw5deO6lH8I7s4XLcG8XY5CCImX0zs9zn
8bUx7blFLmDZWdNxv2XxiX7vy8IlZp+Saul/mQMJUCtD8QY3/Ex7m1p504k6eMNM
v4sZGV0Qv1opCLgQt5Twr2ylaPJyuf2+rhaFbRX0lX4AfQFBZhoKhjOSXJLnsRhq
OoZ610OyqOiXbvJJm5Bg6lB1gK9N2LkOXYMI1qY005Ry2ZSLKVIBHfc39rhleueC
tYVSGaahu89Gip863Zxvj7EIhXx8kRrtoLBg8/v20Le4cNNOaGklolemTEqbTnkq
T3CzAjNWJM6Cs12QwrjdTpj8bGjogoTw7dci+k8joR2rgyhLs8nh/tr2jySX/RAL
0SXUKYG649BA2ZIk18vK
=oXpM
-----END PGP SIGNATURE-----

--Apple-Mail=_99F55024-B832-4266-8770-4E92B719D02C--