Description

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.

Remediation

References

CVE-2012-2965

Related Vulnerabilities

WordPress Plugin Easy Banners Cross-Site Scripting (1.4)

PHP Other Vulnerability (CVE-2007-0909)

Oracle Application Server Other Vulnerability (CVE-2002-0656)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4301)

Lighttpd Resource Management Errors Vulnerability (CVE-2008-0983)

Severity

High

Classification

CVE-2012-2965 CWE-20

Tags

Missing Update Known Vulnerabilities