Description

The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request.

Remediation

References

CVE-2014-0088

Related Vulnerabilities

PHPFusion Multiple SQL Injection Vulnerabilities (CVE-2014-8596)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (7.1.18)

WordPress Plugin Gallery for Social Photo Unspecified Vulnerability (1.0.0.25)

Trac URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2008-2951)

WordPress Plugin G-Lock Double Opt-in Manager 'ajaxbackend.php' SQL Injection (2.6.2)

Severity

High

Classification

CVE-2014-0088 CWE-119

Tags

Missing Update Known Vulnerabilities