Description

Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.

Remediation

References

CVE-2016-0746

Related Vulnerabilities

WordPress Plugin Total Upkeep-WordPress Backup plus Restore & Migrate by BoldGrid Information Disclosure (1.14.9)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4999)

WordPress Plugin Tweet Wheel Spam (0.3)

WordPress Plugin 10Web AI Assistant-AI content writing assistant Security Bypass (1.0.18)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8563)

Severity

Critical

Classification

CVE-2016-0746 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities