Lucene search
HistoryAug 12, 2012 - 4:55 p.m.
CVE-2012-2968
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.0%
Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a … (dot dot) in a pathname within an HTTP request.
Affected configurations
Node
cauchoresinRange≤4.0.28
ORcauchoresinMatch2.0.0
ORcauchoresinMatch2.0.1
ORcauchoresinMatch2.0.2
ORcauchoresinMatch2.0.3
ORcauchoresinMatch2.0.4
ORcauchoresinMatch2.0.5
ORcauchoresinMatch2.1.0
ORcauchoresinMatch2.1.1
ORcauchoresinMatch2.1.2
ORcauchoresinMatch2.1.3
ORcauchoresinMatch2.1.4
ORcauchoresinMatch2.1.5
ORcauchoresinMatch2.1.6
ORcauchoresinMatch2.1.7
ORcauchoresinMatch2.1.8
ORcauchoresinMatch2.1.9
ORcauchoresinMatch2.1.10
ORcauchoresinMatch2.1.11
ORcauchoresinMatch2.1.12
ORcauchoresinMatch2.1.13
ORcauchoresinMatch2.1.14
ORcauchoresinMatch2.1.15
ORcauchoresinMatch2.1.16
ORcauchoresinMatch2.1.snap
ORcauchoresinMatch3.0.0
ORcauchoresinMatch3.0.1beta
ORcauchoresinMatch3.0.2beta
ORcauchoresinMatch3.0.3
ORcauchoresinMatch3.0.4
ORcauchoresinMatch3.0.5
ORcauchoresinMatch3.0.6
ORcauchoresinMatch3.0.7
ORcauchoresinMatch3.0.8
ORcauchoresinMatch3.0.9
ORcauchoresinMatch3.0.10
ORcauchoresinMatch3.0.11
ORcauchoresinMatch3.0.12
ORcauchoresinMatch3.0.13
ORcauchoresinMatch3.0.14
ORcauchoresinMatch3.0.15
ORcauchoresinMatch3.0.16
ORcauchoresinMatch3.0.17
ORcauchoresinMatch3.0.18
ORcauchoresinMatch3.0.19
ORcauchoresinMatch3.0.20
ORcauchoresinMatch3.1.0
ORcauchoresinMatch3.1.1
ORcauchoresinMatch3.1.2
ORcauchoresinMatch3.1.3
ORcauchoresinMatch3.1.4
ORcauchoresinMatch3.1.5
ORcauchoresinMatch3.1.6
ORcauchoresinMatch3.1.7
ORcauchoresinMatch3.1.8
ORcauchoresinMatch3.1.9
ORcauchoresinMatch3.1.10
ORcauchoresinMatch3.1.11
ORcauchoresinMatch3.1.12
ORcauchoresinMatch3.1.13
ORcauchoresinMatch4.0.0
ORcauchoresinMatch4.0.1
ORcauchoresinMatch4.0.2
ORcauchoresinMatch4.0.3
ORcauchoresinMatch4.0.4
ORcauchoresinMatch4.0.5
ORcauchoresinMatch4.0.6
ORcauchoresinMatch4.0.7
ORcauchoresinMatch4.0.8
ORcauchoresinMatch4.0.9
ORcauchoresinMatch4.0.10
ORcauchoresinMatch4.0.11
ORcauchoresinMatch4.0.12
ORcauchoresinMatch4.0.13
ORcauchoresinMatch4.0.14
ORcauchoresinMatch4.0.15
ORcauchoresinMatch4.0.16
ORcauchoresinMatch4.0.17
ORcauchoresinMatch4.0.18
ORcauchoresinMatch4.0.19
ORcauchoresinMatch4.0.20
ORcauchoresinMatch4.0.21
ORcauchoresinMatch4.0.22
ORcauchoresinMatch4.0.23
ORcauchoresinMatch4.0.24
ORcauchoresinMatch4.0.25
ORcauchoresinMatch4.0.26
ORcauchoresinMatch4.0.27
Related
cve
cve
CVE-2012-2968
2022-10-03 16:15:38
prion
prion
Directory traversal
2012-08-12 16:55:00
veracode
veracode
Directory Traversal
2019-03-25 08:40:42
cvelist
cvelist
CVE-2012-2968
2022-10-03 16:15:38
cert
cert
Caucho's Quercus on Resin contains multiple vulnerabilities
2012-07-23 00:00:00
ptsecurity
ptsecurity
PT-2012-05: Multiple Vulnerabilities in Quercus
2012-08-31 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.0%
Related for NVD:CVE-2012-2968