Description

Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.

Remediation

References

CVE-2012-2089

Related Vulnerabilities

IBM WebSEAL Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1815)

WordPress Plugin YITH WooCommerce Gift Cards Security Bypass (1.3.7)

WordPress Plugin Simple Membership Security Bypass (3.8.5)

MySQL CVE-2016-5612 Vulnerability (CVE-2016-5612)

WordPress Plugin Slider by 10Web-Responsive Image Slider Cross-Site Request Forgery (1.2.22)

Severity

Medium

Classification

CVE-2012-2089 CWE-120

Tags

Missing Update Known Vulnerabilities