Home

CVE-2012-2966

Description

Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors.

Risk Information

Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
1.519

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2012-2967,CVE-2012-2966,CVE-2012-2965 are fixed in Caucho - resin 4.0.29Windows
Vulnerabilities CVE-2012-2967,CVE-2012-2966,CVE-2012-2965 are fixed in Caucho - resin for Linux 4.0.29Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234