Lucene search

PRIOn knowledge basePRION:CVE-2012-2967

HistoryAug 12, 2012 - 4:55 p.m.

Design/Logic Flaw

2012-08-1216:55:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.0%

JSON

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors.

CPENameOperatorVersion
resineq2.0.2
resineq4.0.7
resineq3.1.4
resineq2.1.0
resineq3.1.11
resineq3.0.16
resineq4.0.12
resineq4.0.18
resineq2.1.6
resineq4.0.21

Name	Operator	Version
resin	eq	2.0.2
resin	eq	4.0.7
resin	eq	3.1.4
resin	eq	2.1.0
resin	eq	3.1.11
resin	eq	3.0.16
resin	eq	4.0.12
resin	eq	4.0.18
resin	eq	2.1.6
resin	eq	4.0.21

Rows per page:

1-10 of 881

References

caucho.com/resin-4.0/changes/changes.xtp

en.securitylab.ru/lab/

en.securitylab.ru/lab/PT-2012-05

www.kb.cert.org/vuls/id/309979

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.0%

JSON

Related for PRION:CVE-2012-2967