Nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability Network Vulnerability

Summary

nginx is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of- service conditions. nginx versions 1.1.3 through 1.1.18 and 1.0.7 through 1.0.14 are vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://nginx.org/
http://nginx.org/en/security_advisories.html
http://www.securityfocus.com/bid/52999

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2089
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Directory Listing
httpdx Space Character Remote File Disclosure Vulnerability
bozotic HTTP server Denial of Service Vulnerability
IIS Service Pack - 404
Check for IIS .cnf file leakage

nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability

Take action and discover your vulnerabilities