Description

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.

Remediation

References

CVE-2012-2965

Related Vulnerabilities

WordPress Plugin File Manager Unspecified Vulnerability (5.0.0)

WordPress Plugin Compfight Cross-Site Scripting (1.4)

Squid Out-of-bounds Write Vulnerability (CVE-2019-18676)

Django Uncontrolled Resource Consumption Vulnerability (CVE-2019-14232)

Drupal 7PK - Security Features Vulnerability (CVE-2016-3168)

Severity

High

Classification

CVE-2012-2965 CWE-20

Tags

Missing Update Known Vulnerabilities