VYPR
Critical severity9.8NVD Advisory· Published Apr 12, 2016· Updated Jun 17, 2026

CVE-2016-2170

CVE-2016-2170

Description

Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Apache/Ofbiz2 versions
    cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*range: >=12.04,<12.04.06
    • (no CPE)range: before 12.04.06 and before 13.07.03

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.