CVE-2011-4315
published 2011-12-08CVE-2011-4315: Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nginx | < nginx 1.1.8-1 (bookworm) | nginx 1.1.8-1 (bookworm) |
| f5 | nginx | >= 0 < 1.1.8-1 | 1.1.8-1 |
| f5 | nginx | >= 0 < 1.1.8-1 | 1.1.8-1 |
| f5 | nginx | >= 0 < 1.1.8-1 | 1.1.8-1 |
| f5 | nginx | >= 0 < 1.1.8-1 | 1.1.8-1 |
| f5 | nginx | >= 0.6.18 < 1.0.10 | 1.0.10 |
| f5 | nginx | 1.1.0 – 1.1.7 | — |
| fedoraproject | fedora | — | — |
| suse | studio | — | — |
| suse | studio_onsite | — | — |
| suse | webyast | — | — |
CVSS provenance
nvd6.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM