Description

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors.

Remediation

References

CVE-2012-2967

Related Vulnerabilities

WordPress Plugin Appointments PHP Object Injection (2.2.1)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6388)

OpenVPN AS Insufficient Session Expiration Vulnerability (CVE-2020-15074)

Ruby Improper Input Validation Vulnerability (CVE-2018-8779)

WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool SQL Injection (1.7.30)

Severity

High

Classification

CVE-2012-2967

Tags

Missing Update Known Vulnerabilities