CVE-2011-4963

CVSS v2.0 5 (Medium)

EPSS 0.24 % (65^th)

Affected Products 2

Advisories 1

nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2012-07-26 19:55:00
(12 years ago)
Updated Date: 2021-11-10 15:57:01
(2 years ago)

Affected Products

F5

Nginx

Microsoft

Windows

Configuration #1

AND

		CPE23	From	Up To
OR
	F5 Nginx from 0.7.52 version and prior 1.2.1 version	cpe:2.3:a:f5:nginx	>= 0.7.52	< 1.2.1
OR
	Running on/with
	F5 Nginx 1.3.0	cpe:2.3:a:f5:nginx:1.3.0
OR
	Running on/with
	Microsoft Windows	cpe:2.3:o:microsoft:windows:-