The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
CVSS v2.0 Score
7.5
/ 10.0
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Information
- Published
- 20 juil. 2013
- Updated
- 11 avr. 2025
- Status
- Deferred
- Source
- secalert@redhat.com
Affected products
f5 nginxAll nginx CVEs →
Versions : 1.4.0
fedoraproject fedora
Versions : 19
Weaknesses (CWE)
CWE-787
References (20)
- http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.htmlThird Party Advisory
- http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.htmlMitigationPatchVendor Advisory
- http://nginx.org/download/patch.2013.chunked.txtPatchVendor Advisory
- http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.htmlExploitThird Party AdvisoryVDB Entry
- http://secunia.com/advisories/55181Third Party Advisory
- http://security.gentoo.org/glsa/glsa-201310-04.xmlThird Party Advisory
- http://www.osvdb.org/93037Broken Link
- http://www.securityfocus.com/bid/59699Third Party AdvisoryVDB Entry
- https://github.com/rapid7/metasploit-framework/pull/1834PatchThird Party Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.htmlThird Party Advisory
- http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.htmlMitigationPatchVendor Advisory
- http://nginx.org/download/patch.2013.chunked.txtPatchVendor Advisory
- http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.htmlExploitThird Party AdvisoryVDB Entry
- http://secunia.com/advisories/55181Third Party Advisory
- + 5 more references on NVD
Similar CVEs
Other vulnerabilities of type CWE-787
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.