Описание
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- ExploitPatchThird Party Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
EPSS
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
nginx 0.7.64 writes data to a log file without sanitizing non-printabl ...
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
EPSS
6.8 Medium
CVSS2