[NGINX:CVE-2014-0088] SPDY memory corruption

Severity Major

Affected Packages 1

Unaffected Packages 1

CVEs 1

The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request.

Package	Affected Version
pkg:nginx/nginx	>= 1.5.10

Package	Unaffected Version
pkg:nginx/nginx	>= 1.5.11

ID

NGINX:CVE-2014-0088

Severity

major

Published

2014-04-29T14:38:49
(10 years ago)

Modified

2014-04-29T14:38:49
(10 years ago)

Rights

NGINX Security Team

Other Advisories

FREEBSD:89DB3B31-A4C3-11E3-978F-F0DEF16C5C1B

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:nginx/nginx		nginx	>= 1.5.10
Unaffected	pkg:nginx/nginx		nginx	>= 1.5.11

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date