[FREEBSD:B28ADC5B-6693-11E7-AD43-F0DEF16C5C1B] nginx -- a specially crafted request might result in an integer overflow

Severity High

Affected Packages 2

CVEs 1

Maxim Dounin reports:

  A security issue was identified in nginx range filter.  A specially
    crafted request might result in an integer overflow and incorrect
    processing of ranges, potentially resulting in sensitive information
    leak (CVE-2017-7529).

Package	Affected Version
pkg:freebsd/nginx-devel	< 1.13.3
pkg:freebsd/nginx	< 1.12.1,2

ID

FREEBSD:B28ADC5B-6693-11E7-AD43-F0DEF16C5C1B

Severity

high

Severity from

CVE-2017-7529

URL

http://vuxml.freebsd.org/freebsd/b28adc5b-6693-11e7-ad43-f0def16c5c1b.html

Published

2017-07-11T00:00:00
(7 years ago)

Modified

2017-07-11T00:00:00
(7 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:freebsd/nginx-devel		nginx-devel	< 1.13.3
Affected	pkg:freebsd/nginx		nginx	< 1.12.1,2

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date