Description

Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.

Remediation

References

CVE-2012-2969

Related Vulnerabilities

WordPress Plugin Fetch Tweets Unspecified Vulnerability (1.3.3.6)

WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.4)

WordPress Plugin YITH WooCommerce Product Add-Ons Security Bypass (1.5.21)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5625)

MySQL CVE-2013-5894 Vulnerability (CVE-2013-5894)

Severity

Medium

Classification

CVE-2012-2969 CWE-264

Tags

Missing Update Known Vulnerabilities