Description

Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.

Remediation

References

CVE-2012-2969

Related Vulnerabilities

WordPress Plugin ProPlayer SQL Injection (4.7.9.1)

Ruby on Rails Improper Input Validation Vulnerability (CVE-2011-2929)

WebLogic CVE-2020-14841 Vulnerability (CVE-2020-14841)

WordPress Plugin WPS Hide Login Security Bypass (1.5.4.2)

Dot CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3708)

Severity

Medium

Classification

CVE-2012-2969 CWE-264

Tags

Missing Update Known Vulnerabilities