Description

The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request.

Remediation

References

CVE-2014-0088

Related Vulnerabilities

WordPress Plugin PowerPack Lite for Beaver Builder Cross-Site Scripting (1.2.9.2)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5106)

Squid Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-4554)

Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2018-1000861)

Oracle Database Server Other Vulnerability (CVE-2002-0843)

Severity

High

Classification

CVE-2014-0088 CWE-119

Tags

Missing Update Known Vulnerabilities