Description

Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.

Remediation

References

CVE-2012-2969

Related Vulnerabilities

WordPress Plugin Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.3.2)

WordPress Plugin Multivendor Marketplace Solution for WooCommerce-WC Marketplace Cross-Site Request Forgery (3.5.7)

Oracle JRE CVE-2023-22025 Vulnerability (CVE-2023-22025)

WordPress Plugin WordPress File Upload Multiple Vulnerabilities (2.7.6)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-7848)

Severity

Medium

Classification

CVE-2012-2969 CWE-264

Tags

Missing Update Known Vulnerabilities