Описание
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | Windows only |
| hardy | not-affected | Windows only |
| jaunty | not-affected | Windows only |
| karmic | not-affected | Windows only |
| lucid | not-affected | Windows only |
| upstream | released | 0.8.40 |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows ...
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
EPSS
5 Medium
CVSS2