CVE-2012-2967

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == equals sign equals sign operator for comparisons, which has unspecified impact and context-dependent attack vectors...

acegisecurity:acegi-security-resin (=0.9.0), ch.qos.logback:logback-access (>=${parent.version} <=0.3) +3 more potentially affected by CVE-2012-2967 via com.caucho:resin (=3.0.9)

com.caucho:resin MAVEN version =3.0.9 is affected by a known vulnerability. The following packages have a transitive dependency on com.caucho:resin and may be impacted: - acegisecurity:acegi-security-resin =0.9.0 - ch.qos.logback:logback-access =$parent.version, =2.3.0, =1.0.0, =2.0.0, =2.0.4...

CVE-2012-2967

CVE-2012-2967 affects Caucho Quercus on Resin prior to 4.0.29, where the == operator is not implemented correctly for comparisons. This misimplementation enables context-dependent outcomes and may allow an attacker to influence behavior, with the CVE entry noting unspecified impact. Several conne...

Caucho's Quercus on Resin contains multiple vulnerabilities

Overview Caucho's Quercus on Resin contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application. Description It has been reported that Caucho's Quercus on Resin contains multiple vulnerabilities which could allow an attacker to...