Description

nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.

Remediation

References

CVE-2010-2266

Related Vulnerabilities

MySQL CVE-2020-14760 Vulnerability (CVE-2020-14760)

Apache Tomcat version older than 6.0.18

WordPress Plugin JM Twitter Cards Information Disclosure (6.1)

Artifactory Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-42509)

PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1804)

Severity

Medium

Classification

CVE-2010-2266 CWE-22

Tags

Missing Update Known Vulnerabilities