4 matches found
CVE-2012-2969
Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request...
CVE-2012-2969
CVE-2012-2969 affects Caucho Quercus on Resin prior to 4.0.29. Root cause: Null byte injection in HTTP-request paths (via %00) allows bypassing filename-extension restrictions when creating files. Impact per sources includes potential information disclosure, DoS, or arbitrary code execution with ...
CVE-2012-2969
Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request...
Caucho's Quercus on Resin contains multiple vulnerabilities
Overview Caucho's Quercus on Resin contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application. Description It has been reported that Caucho's Quercus on Resin contains multiple vulnerabilities which could allow an attacker to...