Description

Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.

Remediation

References

CVE-2012-2969

Related Vulnerabilities

Moodle Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-21809)

Apache HTTP Server CVE-2003-0789 Vulnerability (CVE-2003-0789)

WordPress Plugin Social Media Flying Icons-Floating Social Media Icon Cross-Site Scripting (2.1)

SharePoint CVE-2024-30100 Vulnerability (CVE-2024-30100)

WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Cross-Site Request Forgery (2.3.9)

Severity

Medium

Classification

CVE-2012-2969 CWE-264

Tags

Missing Update Known Vulnerabilities