[NGINX:CVE-2010-2263] Vulnerabilities with Windows file default stream
Severity
Major
Affected Packages
1
Unaffected Packages
2
CVEs
1
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
| Package | Affected Version |
|---|---|
 pkg:nginx/nginx?os=windows
|
>= 0.7.52, <= 0.8.39 |
| Package | Unaffected Version |
|---|---|
|
pkg:nginx/nginx?os=windows
|
>= 0.8.40 |
|
pkg:nginx/nginx?os=windows
|
>= 0.7.66 |
- ID
- NGINX:CVE-2010-2263
- Severity
- major
- Published
-
2010-06-15T14:04:24
(14 years ago) - Modified
-
2010-06-15T14:04:24
(14 years ago) - Rights
- NGINX Security Team
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |