CVE-2013-2028
CVSS v2.0
7.5 (High)
EPSS
15.16 % (96th)
Affected Products
2
Advisories
5
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2013-07-20 03:37:20
(11 years ago) - Updated Date
-
2021-11-10 15:59:33
(2 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...