CVE-2012-2967

EPSS 1.5%

Caucho Quercus, as distributed in Resin, does not properly implement the `==` operator for comparisons

Published: 5/17/2022Modified: 4/12/2025

Description

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the `==` (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors.

Affected packages (1)

Maven/com.caucho:resinfrom 0, < 4.0.29

References (5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2012-2967
WEBhttp://en.securitylab.ru/lab
WEBhttp://en.securitylab.ru/lab/PT-2012-05
WEBhttps://web.archive.org/web/20131210160901/http://en.securitylab.ru:80/lab/PT-2012-05
WEBhttp://www.kb.cert.org/vuls/id/309979