CVE-2017-7529

Sažetak

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.

Reference

http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
http://www.securityfocus.com/bid/99534
http://www.securitytracker.com/id/1039238
https://puppet.com/security/cve/cve-2017-7529
https://access.redhat.com/errata/RHSA-2017:2538
https://support.apple.com/kb/HT212818
http://seclists.org/fulldisclosure/2021/Sep/36

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

24-01-2022 - 16:46

Objavljeno

13-07-2017 - 13:29