Lucene search
Veracode Vulnerability DatabaseVERACODE:13516HistoryMar 25, 2019 - 8:40 a.m.
Insecure Variable Comparison
2019-03-2508:40:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.0%
Caucho Quercus uses an insecure variable comparison. When using the == operator for comparison of variables of various types, there is a possibility of variable comparisons to always result in a TRUE state.
| CPE | Name | Operator | Version |
|---|---|---|---|
| resin application server | eq | 3.0.9 |
Related
nvd
nvd
CVE-2012-2967
2012-08-12 16:55:01
cve
cve
CVE-2012-2967
2022-10-03 16:15:38
cvelist
cvelist
CVE-2012-2967
2022-10-03 16:15:38
prion
prion
Design/Logic Flaw
2012-08-12 16:55:00
cert
cert
Caucho's Quercus on Resin contains multiple vulnerabilities
2012-07-23 00:00:00
ptsecurity
ptsecurity
PT-2012-05: Multiple Vulnerabilities in Quercus
2012-08-31 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.0%
Related for VERACODE:13516