Lucene search
HistoryAug 12, 2012 - 4:55 p.m.
CVE-2012-2967
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
71.7%
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors.
Affected configurations
Node
cauchoresinRange≤4.0.28
ORcauchoresinMatch2.0.0
ORcauchoresinMatch2.0.1
ORcauchoresinMatch2.0.2
ORcauchoresinMatch2.0.3
ORcauchoresinMatch2.0.4
ORcauchoresinMatch2.0.5
ORcauchoresinMatch2.1.0
ORcauchoresinMatch2.1.1
ORcauchoresinMatch2.1.2
ORcauchoresinMatch2.1.3
ORcauchoresinMatch2.1.4
ORcauchoresinMatch2.1.5
ORcauchoresinMatch2.1.6
ORcauchoresinMatch2.1.7
ORcauchoresinMatch2.1.8
ORcauchoresinMatch2.1.9
ORcauchoresinMatch2.1.10
ORcauchoresinMatch2.1.11
ORcauchoresinMatch2.1.12
ORcauchoresinMatch2.1.13
ORcauchoresinMatch2.1.14
ORcauchoresinMatch2.1.15
ORcauchoresinMatch2.1.16
ORcauchoresinMatch2.1.snap
ORcauchoresinMatch3.0.0
ORcauchoresinMatch3.0.1beta
ORcauchoresinMatch3.0.2beta
ORcauchoresinMatch3.0.3
ORcauchoresinMatch3.0.4
ORcauchoresinMatch3.0.5
ORcauchoresinMatch3.0.6
ORcauchoresinMatch3.0.7
ORcauchoresinMatch3.0.8
ORcauchoresinMatch3.0.9
ORcauchoresinMatch3.0.10
ORcauchoresinMatch3.0.11
ORcauchoresinMatch3.0.12
ORcauchoresinMatch3.0.13
ORcauchoresinMatch3.0.14
ORcauchoresinMatch3.0.15
ORcauchoresinMatch3.0.16
ORcauchoresinMatch3.0.17
ORcauchoresinMatch3.0.18
ORcauchoresinMatch3.0.19
ORcauchoresinMatch3.0.20
ORcauchoresinMatch3.1.0
ORcauchoresinMatch3.1.1
ORcauchoresinMatch3.1.2
ORcauchoresinMatch3.1.3
ORcauchoresinMatch3.1.4
ORcauchoresinMatch3.1.5
ORcauchoresinMatch3.1.6
ORcauchoresinMatch3.1.7
ORcauchoresinMatch3.1.8
ORcauchoresinMatch3.1.9
ORcauchoresinMatch3.1.10
ORcauchoresinMatch3.1.11
ORcauchoresinMatch3.1.12
ORcauchoresinMatch3.1.13
ORcauchoresinMatch4.0.0
ORcauchoresinMatch4.0.1
ORcauchoresinMatch4.0.2
ORcauchoresinMatch4.0.3
ORcauchoresinMatch4.0.4
ORcauchoresinMatch4.0.5
ORcauchoresinMatch4.0.6
ORcauchoresinMatch4.0.7
ORcauchoresinMatch4.0.8
ORcauchoresinMatch4.0.9
ORcauchoresinMatch4.0.10
ORcauchoresinMatch4.0.11
ORcauchoresinMatch4.0.12
ORcauchoresinMatch4.0.13
ORcauchoresinMatch4.0.14
ORcauchoresinMatch4.0.15
ORcauchoresinMatch4.0.16
ORcauchoresinMatch4.0.17
ORcauchoresinMatch4.0.18
ORcauchoresinMatch4.0.19
ORcauchoresinMatch4.0.20
ORcauchoresinMatch4.0.21
ORcauchoresinMatch4.0.22
ORcauchoresinMatch4.0.23
ORcauchoresinMatch4.0.24
ORcauchoresinMatch4.0.25
ORcauchoresinMatch4.0.26
ORcauchoresinMatch4.0.27
| Vendor | Product | Version | CPE |
|---|---|---|---|
| caucho | resin | * | cpe:2.3:a:caucho:resin:*:*:*:*:*:*:*:* |
| caucho | resin | 2.0.0 | cpe:2.3:a:caucho:resin:2.0.0:*:*:*:*:*:*:* |
| caucho | resin | 2.0.1 | cpe:2.3:a:caucho:resin:2.0.1:*:*:*:*:*:*:* |
| caucho | resin | 2.0.2 | cpe:2.3:a:caucho:resin:2.0.2:*:*:*:*:*:*:* |
| caucho | resin | 2.0.3 | cpe:2.3:a:caucho:resin:2.0.3:*:*:*:*:*:*:* |
| caucho | resin | 2.0.4 | cpe:2.3:a:caucho:resin:2.0.4:*:*:*:*:*:*:* |
| caucho | resin | 2.0.5 | cpe:2.3:a:caucho:resin:2.0.5:*:*:*:*:*:*:* |
| caucho | resin | 2.1.0 | cpe:2.3:a:caucho:resin:2.1.0:*:*:*:*:*:*:* |
| caucho | resin | 2.1.1 | cpe:2.3:a:caucho:resin:2.1.1:*:*:*:*:*:*:* |
| caucho | resin | 2.1.2 | cpe:2.3:a:caucho:resin:2.1.2:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2012-2967
2012-08-12 16:55:01
veracode
veracode
Insecure Variable Comparison
2019-03-25 08:40:42
prion
prion
Design/Logic Flaw
2012-08-12 16:55:00
cvelist
cvelist
CVE-2012-2967
2012-08-12 16:00:00
ptsecurity
ptsecurity
PT-2012-05: Multiple Vulnerabilities in Quercus
2012-08-31 00:00:00
cert
cert
Caucho's Quercus on Resin contains multiple vulnerabilities
2012-07-23 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
71.7%
Related for NVD:CVE-2012-2967