7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.9%
Quercus on Resin
Version 4.0.28 and earlier
Application link:
<http://www.caucho.com/>[](<http://www.ibm.com/software/data/guardium/>)
Quercus on Resin is a Quercus implementation of PHP included in the Resin web server.
Severity level: High
Impact: HTTP Parameter Contamination
Access Vector: Remote
CVSS v2:
Base Score: 7.5
Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE: CVE-2012-2965
Some special characters in variables names are handled inappropriately, which may be leveraged by attackers. Additionally, attackers may intentionally cause error 500.
Severity level: High
Impact: Variables Globalization and Overwriting
Access Vector: Remote
CVSS v2:
Base Score: 7.5
Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE: CVE-2012-2966
When parameters are transferred via POST, they globalize and the _SERVER array items may be overwritten.
Severity level: High
Impact: Inappropriate Variable Comparison
Access Vector: Remote
CVSS v2:
Base Score: 7.5
Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE: CVE-2012-2967
Flexible comparison (using the == operator) various types of variables is implemented inappropriately.
Severity level: Medium
Impact: Path Traversal
Access Vector: Remote
CVSS v2:
Base Score: 5.0
Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVE: CVE-2012-2968
When downloading files, the …/ string may be inserted into filenames (via forging HTTP requests). Such insertion allows downloading files to arbitrary directories (i.e. to conduct Path Traversal).
Severity level: Medium
Impact: Null Byte Injection
Access Vector: Remote
CVSS v2:
Base Score: 6.4
Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P)
CVE: CVE-2012-2969
When downloading files, null bytes may be inserted into filenames (via forging HTTP requests). As a result of the insertion, the string after the null byte will be dropped. The vulnerability allows attackers to bypass certain checks.
Update your software up to the latest version
23.03.2012 - Vendor is notified
23.03.2012 - Vendor gets vulnerability details
19.04.2012 - Vulnerability details were sent to CERT
13.07.2012 - Vendor releases fixed version and details
31.08.2012 - Public disclosure
The vulnerabilities has discovered by Sergey Scherbel, Positive Research Center (Positive Technologies Company)
<http://en.securitylab.ru/lab/PT-2012-05>
<http://www.kb.cert.org/vuls/id/309979>
Reports on the vulnerabilities previously discovered by Positive Research:
<http://ptsecurity.com/research/advisory/>
<http://en.securitylab.ru/lab/>