NASLDB: Apache OFBiz FlexibleStringExpander Remote Code Execution
General
ID: 59247
Name: Apache OFBiz FlexibleStringExpander Remote Code Execution
Summary: Attempts to execute Java code
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:U/RL:OF/RC:C
Port: 8443
Family: CGI abuses
Type: Remote
Description
The version of Apache OFBiz hosted on the remote host has an arbitrary
code execution vulnerability. Specially crafted input passed to the
getInstance() method of the FlexibleStringExpander class can result in
the evaluation of nested Java Unified Expression Language expressions.
A remote, unauthenticated attacker could exploit this to execute
arbitrary code.
Exploiting
Exploit Available: False
Exploitability Ease: No known exploits are available
Sources
CVE: CVE-2012-1622
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2012/04/05
Patch Release: 2012/04/15
Plugin Release: 2012/05/23
Plugin
Version: 1.2
Filename: ofbiz_nested_script_rce.nasl
Filesize: 5182 bytes
MD5 Hash: 9d3c86bd259c0f1cd7a28aa5b1c8bfa7
Identification: –
Require Keys: www/ofbiz/port
Dependencies: "ofbiz_detect.nasl"
Copyright: This script is Copyright © 2012 Tenable Network Security, Inc.