[NGINX:CVE-2012-2089] Buffer overflow in the ngx_http_mp4_module
Severity
Major
Affected Packages
2
Unaffected Packages
2
CVEs
1
Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
| Package | Affected Version |
|---|---|
 pkg:nginx/nginx
|
>= 1.1.3, <= 1.1.18 |
|
pkg:nginx/nginx
|
>= 1.0.7, <= 1.0.14 |
| Package | Unaffected Version |
|---|---|
|
pkg:nginx/nginx
|
>= 1.1.19 |
|
pkg:nginx/nginx
|
>= 1.0.15 |
- ID
- NGINX:CVE-2012-2089
- Severity
- major
- Published
-
2012-04-17T21:55:01
(12 years ago) - Modified
-
2012-04-17T21:55:01
(12 years ago) - Rights
- NGINX Security Team
- Other Advisories
ALAS-2012-74
FEDORA-2012-6238
FREEBSD:0C14DFA7-879E-11E1-A2A0-00500802D8F7
GLSA-201206-07| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |