Description

nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.

Remediation

References

CVE-2010-2266

Related Vulnerabilities

WebLogic CVE-2023-21931 Vulnerability (CVE-2023-21931)

WordPress Plugin WP-Live Chat by 3CX Multiple Vulnerabilities (4.3.5)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-2550)

WordPress Plugin aoringo LOG maker Cross-Site Scripting (0.1.3)

MySQL CVE-2017-3243 Vulnerability (CVE-2017-3243)

Severity

Medium

Classification

CVE-2010-2266 CWE-22

Tags

Missing Update Known Vulnerabilities