CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
90.0%
The remote host is running a nginx HTTP server.
Versions earlier than 1.0.15(stable version) or versions earlier than 1.1.19(development version) are vulnerable to a buffer-overflow vulnerability because it fails to perform adequate checks on user-supplied input. An attacker can exploit this issue by using a specially-crafted mp4 file, allowing the attacker to execute arbitrary code in the context of the application. (CVE-2012-2089)
Binary data 6458.prm