CVE-2010-2266
published 2010-06-15CVE-2010-2266: nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as…
medium5CVSS 3.1
AVNACLAuNCNINAP
EXPLOIT
nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nginx | — | — |
| f5 | nginx | >= 0.7.52 < 0.7.67 | 0.7.67 |
| f5 | nginx | 0.8.0 – 0.8.40 | — |