Nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability Network Vulnerability

Summary

nginx is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of- service conditions. nginx versions 1.1.3 through 1.1.18 and 1.0.7 through 1.0.14 are vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://nginx.org/
http://nginx.org/en/security_advisories.html
http://www.securityfocus.com/bid/52999

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2089

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

iWeb Server URL Directory Traversal Vulnerability
Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
Lighttpd Trailing Slash Information Disclosure Vulnerability
bozohttpd Security Bypass Vulnerability
IBM WebSphere Application Server 'plugin-key.kdb' Information Disclosure Vulnerability

nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability

Take action and discover your vulnerabilities