1. Home
  2. Vulnerabilities
  3. CVE-2010-2263

CVE-2010-2263

CVSS v2.0 5 (Medium)
50% Progress
EPSS 2.70 % (91th)
2.70% Progress
Affected Products 2
Advisories 1
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.

Weaknesses
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2010-06-15 14:04:24
(14 years ago)
Updated Date
2021-11-10 15:52:53
(2 years ago)

Affected Products

F5

Microsoft

Configuration #1

AND
    CPE23 From Up To
OR  
  F5 Nginx from 0.7.52 version and prior 0.7.66 version cpe:2.3:a:f5:nginx >= 0.7.52 < 0.7.66
OR  
  Running on/with
  F5 Nginx from 0.8.0 version and 0.8.39 and prior versions cpe:2.3:a:f5:nginx >= 0.8.0 <= 0.8.39
OR  
  Running on/with
  Microsoft Windows cpe:2.3:o:microsoft:windows:-