Description

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors.

Remediation

References

CVE-2012-2967

Related Vulnerabilities

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14820)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5232)

WordPress Plugin WP Customer Reviews Multiple Vulnerabilities (3.0.8)

WordPress Plugin WooCommerce Cross-Site Scripting (2.2.10)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (4.4.3)

Severity

High

Classification

CVE-2012-2967

Tags

Missing Update Known Vulnerabilities