Description
NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module.
Remediation
References
Related Vulnerabilities
WordPress Plugin SocialFit 'msg' Parameter Cross-Site Scripting (1.2.2)
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4481)
WordPress Plugin WP Statistics SQL Injection (13.1.4)
Plone CMS Use of Externally-Controlled Format String Vulnerability (CVE-2017-5524)
WordPress Plugin Simple Photo Gallery Cross-Site Scripting (1.8.0)