7.5

CVE-2012-2965

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CauchoResin Version <= 4.0.28
CauchoResin Version2.0.0
CauchoResin Version2.0.1
CauchoResin Version2.0.2
CauchoResin Version2.0.3
CauchoResin Version2.0.4
CauchoResin Version2.0.5
CauchoResin Version2.1.0
CauchoResin Version2.1.1
CauchoResin Version2.1.2
CauchoResin Version2.1.3
CauchoResin Version2.1.4
CauchoResin Version2.1.5
CauchoResin Version2.1.6
CauchoResin Version2.1.7
CauchoResin Version2.1.8
CauchoResin Version2.1.9
CauchoResin Version2.1.10
CauchoResin Version2.1.11
CauchoResin Version2.1.12
CauchoResin Version2.1.13
CauchoResin Version2.1.14
CauchoResin Version2.1.15
CauchoResin Version2.1.16
CauchoResin Version2.1.snap
CauchoResin Version3.0.0
CauchoResin Version3.0.1 Updatebeta
CauchoResin Version3.0.2 Updatebeta
CauchoResin Version3.0.3
CauchoResin Version3.0.4
CauchoResin Version3.0.5
CauchoResin Version3.0.6
CauchoResin Version3.0.7
CauchoResin Version3.0.8
CauchoResin Version3.0.9
CauchoResin Version3.0.10
CauchoResin Version3.0.11
CauchoResin Version3.0.12
CauchoResin Version3.0.13
CauchoResin Version3.0.14
CauchoResin Version3.0.15
CauchoResin Version3.0.16
CauchoResin Version3.0.17
CauchoResin Version3.0.18
CauchoResin Version3.0.19
CauchoResin Version3.0.20
CauchoResin Version3.1.0
CauchoResin Version3.1.1
CauchoResin Version3.1.2
CauchoResin Version3.1.3
CauchoResin Version3.1.4
CauchoResin Version3.1.5
CauchoResin Version3.1.6
CauchoResin Version3.1.7
CauchoResin Version3.1.8
CauchoResin Version3.1.9
CauchoResin Version3.1.10
CauchoResin Version3.1.11
CauchoResin Version3.1.12
CauchoResin Version3.1.13
CauchoResin Version4.0.0
CauchoResin Version4.0.1
CauchoResin Version4.0.2
CauchoResin Version4.0.3
CauchoResin Version4.0.4
CauchoResin Version4.0.5
CauchoResin Version4.0.6
CauchoResin Version4.0.7
CauchoResin Version4.0.8
CauchoResin Version4.0.9
CauchoResin Version4.0.10
CauchoResin Version4.0.11
CauchoResin Version4.0.12
CauchoResin Version4.0.13
CauchoResin Version4.0.14
CauchoResin Version4.0.15
CauchoResin Version4.0.16
CauchoResin Version4.0.17
CauchoResin Version4.0.18
CauchoResin Version4.0.19
CauchoResin Version4.0.20
CauchoResin Version4.0.21
CauchoResin Version4.0.22
CauchoResin Version4.0.23
CauchoResin Version4.0.24
CauchoResin Version4.0.25
CauchoResin Version4.0.26
CauchoResin Version4.0.27
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.79% 0.822
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.