Incorrect Comparison
CVE-2012-2967
Summary
Caucho Quercus, as distributed in Resin versions prior to 4.0.29, does not properly implement the "==" operator for comparisons. This flaw has unspecified impact and context-dependent attack vectors, potentially leading to incorrect application logic or unintended behavior, depending on how the comparison results are used.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-697 - Incorrect Comparison
The software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.
Advisory Timeline
- Published