Description

Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors.

Remediation

References

CVE-2012-2966

Related Vulnerabilities

WordPress Plugin FV Flowplayer Video Player SQL Injection (7.5.15.727)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-11327)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (2.9.8)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7449)

Severity

High

Classification

CVE-2012-2966

Tags

Missing Update Known Vulnerabilities