CVE-2013-2028 in nginxinformación

Resumen (Inglés)

The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.

Reservar

2013-02-19

Divulgación

2013-07-19

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
8618	nginx ngx_http_parse.c ngx_http_parse_chunked Ejecución remota de código	189	Alto	Arreglo oficial	CVE-2013-2028

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you need the next level of professionalism?

Upgrade your account now!