Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2968

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-2968
Last Modified 04 Sep 2012 12:00:00
Published 12 Aug 2012 12:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2968

Summary

Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request.

Vulnerable Systems

Application

  • Caucho Resin 2.0.0

  • Caucho Resin 2.0.1

  • Caucho Resin 2.0.2

  • Caucho Resin 2.0.3

  • Caucho Resin 2.0.4

  • Caucho Resin 2.0.5

  • Caucho Resin 2.1.0

  • Caucho Resin 2.1.1

  • Caucho Resin 2.1.10

  • Caucho Resin 2.1.11

  • Caucho Resin 2.1.12

  • Caucho Resin 2.1.13

  • Caucho Resin 2.1.14

  • Caucho Resin 2.1.15

  • Caucho Resin 2.1.16

  • Caucho Resin 2.1.2

  • Caucho Resin 2.1.3

  • Caucho Resin 2.1.4

  • Caucho Resin 2.1.5

  • Caucho Resin 2.1.6

  • Caucho Resin 2.1.7

  • Caucho Resin 2.1.8

  • Caucho Resin 2.1.9

  • Caucho Resin 2.1.snap

  • Caucho Resin 3.0.0

  • Caucho Resin 3.0.1

  • Caucho Resin 3.0.10

  • Caucho Resin 3.0.11

  • Caucho Resin 3.0.12

  • Caucho Resin 3.0.13

  • Caucho Resin 3.0.14

  • Caucho Resin 3.0.15

  • Caucho Resin 3.0.16

  • Caucho Resin 3.0.17

  • Caucho Resin 3.0.18

  • Caucho Resin 3.0.19

  • Caucho Resin 3.0.2

  • Caucho Resin 3.0.20

  • Caucho Resin 3.0.3

  • Caucho Resin 3.0.4

  • Caucho Resin 3.0.5

  • Caucho Resin 3.0.6

  • Caucho Resin 3.0.7

  • Caucho Resin 3.0.8

  • Caucho Resin 3.0.9

  • Caucho Resin 3.1.0

  • Caucho Resin 3.1.1

  • Caucho Resin 3.1.10

  • Caucho Resin 3.1.11

  • Caucho Resin 3.1.12

  • Caucho Resin 3.1.13

  • Caucho Resin 3.1.2

  • Caucho Resin 3.1.3

  • Caucho Resin 3.1.4

  • Caucho Resin 3.1.5

  • Caucho Resin 3.1.6

  • Caucho Resin 3.1.7

  • Caucho Resin 3.1.8

  • Caucho Resin 3.1.9

  • Caucho Resin 4.0.0

  • Caucho Resin 4.0.1

  • Caucho Resin 4.0.10

  • Caucho Resin 4.0.11

  • Caucho Resin 4.0.12

  • Caucho Resin 4.0.13

  • Caucho Resin 4.0.14

  • Caucho Resin 4.0.15

  • Caucho Resin 4.0.16

  • Caucho Resin 4.0.17

  • Caucho Resin 4.0.18

  • Caucho Resin 4.0.19

  • Caucho Resin 4.0.2

  • Caucho Resin 4.0.20

  • Caucho Resin 4.0.21

  • Caucho Resin 4.0.22

  • Caucho Resin 4.0.23

  • Caucho Resin 4.0.24

  • Caucho Resin 4.0.25

  • Caucho Resin 4.0.26

  • Caucho Resin 4.0.27

  • Caucho Resin 4.0.28

  • Caucho Resin 4.0.3

  • Caucho Resin 4.0.4

  • Caucho Resin 4.0.5

  • Caucho Resin 4.0.6

  • Caucho Resin 4.0.7

  • Caucho Resin 4.0.8

  • Caucho Resin 4.0.9


References

CERT-VN - VU#309979

MISC - http://en.securitylab.ru/lab/PT-2012-05

MISC - http://en.securitylab.ru/lab/

MISC - http://caucho.com/resin-4.0/changes/changes.xtp


Last Updated: 27 May 2016 11:00:26