[NGINX:CVE-2011-4963] Vulnerabilities with Windows directory aliases
Severity
Medium
Affected Packages
1
Unaffected Packages
2
CVEs
1
nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
Package | Affected Version |
---|---|
pkg:nginx/nginx?os=windows | >= 0.7.52, <= 1.3.0 |
Package | Unaffected Version |
---|---|
pkg:nginx/nginx?os=windows | >= 1.3.1 |
pkg:nginx/nginx?os=windows | >= 1.2.1 |
- ID
- NGINX:CVE-2011-4963
- Severity
- medium
- Published
-
2012-07-26T19:55:00
(12 years ago) - Modified
-
2012-07-26T19:55:00
(12 years ago) - Rights
- NGINX Security Team
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |