Summary
The 'nginx' program is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2009-2629 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Monkey HTTP Daemon Invalid HTTP 'Connection' Header Denial Of Service Vulnerability
- CERN httpd CGI name heap overflow
- PHP Built-in WebServer 'Content-Length' Denial of Service Vulnerability
- Apache Traffic Server Synthetic Health Checks Remote DoS Vulnerability
- Microsoft Windows Media Services ISAPI Extension Code Execution Vulnerabilities