CVE-2012-2966

EPSS 1.5%

Caucho Quercus, as distributed in Resin, overwrites entries in SERVER superglobal array on basis of POST parameters

發布日:2022/5/17修改日:2025/4/12

描述

Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors.

受影響套件(1)

Maven/com.caucho:resinfrom 0, < 4.0.29

參考連結(5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2012-2966
WEBhttp://caucho.com/resin-4.0/changes/changes.xtp
WEBhttp://en.securitylab.ru/lab
WEBhttps://web.archive.org/web/20131210160901/http://en.securitylab.ru:80/lab/PT-2012-05
WEBhttp://www.kb.cert.org/vuls/id/309979