Description

Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors.

Remediation

References

CVE-2012-2966

Related Vulnerabilities

mod_ssl Other Vulnerability (CVE-2004-0700)

e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083)

Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-35161)

WordPress Plugin WooCommerce Salesforce Integration Cross-Site Scripting (1.5.8)

Jboss EAP Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-14379)

Severity

High

Classification

CVE-2012-2966

Tags

Missing Update Known Vulnerabilities