CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
95.9%
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9
through 1.4.0 allows remote attackers to cause a denial of service (crash)
and execute arbitrary code via a chunked Transfer-Encoding request with a
large chunk size, which triggers an integer signedness error and a
stack-based buffer overflow.
Author | Note |
---|---|
mdeslaur | upstream says βThe problem affects nginx 1.3.9 - 1.4.0.β code doesnβt seem present in version 1.2.x in the archive |