Home

CVE-2016-0746

Description

Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
14.006

Associated Vulnerability

VulnerabilityOS Platform
Update Nginx to 9.1.19Windows
Update Nginx to 9.1.5Windows
Update Nginx to 9.1.8Windows
Update Nginx to 9.2.14Windows
Update Nginx to 9.2.19Windows
Update Nginx to 9.2.3Windows
Update Nginx to 9.2.7Windows
Update Nginx to 9.3.10Windows
Update Nginx to 9.3.15Windows
Update Nginx to 9.3.17Windows
small, powerful, scalable web/proxy server (USN-2351-1) nginx-core_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-core_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-full_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-full_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-light_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-light_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-naxsi_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-naxsi_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-extras_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2351-1) nginx-extras_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-core_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-core_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-core_1.9.3-1ubuntu1.1_i386.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-core_1.9.3-1ubuntu1.1_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-full_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-full_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-full_1.9.3-1ubuntu1.1_i386.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-full_1.9.3-1ubuntu1.1_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-light_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-light_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-light_1.9.3-1ubuntu1.1_i386.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-light_1.9.3-1ubuntu1.1_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-extras_1.4.6-1ubuntu3.4_i386.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-extras_1.4.6-1ubuntu3.4_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-extras_1.9.3-1ubuntu1.1_i386.debLinux
small, powerful, scalable web/proxy server (USN-2892-1) nginx-extras_1.9.3-1ubuntu1.1_amd64.debLinux
Update Nginx to 9.1.19 (For Linux)Linux
Update Nginx to 9.1.5 (For Linux)Linux
Update Nginx to 9.1.8 (For Linux)Linux
Update Nginx to 9.2.14 (For Linux)Linux
Update Nginx to 9.2.19 (For Linux)Linux
Update Nginx to 9.2.3 (For Linux)Linux
Update Nginx to 9.2.7 (For Linux)Linux
Update Nginx to 9.3.10 (For Linux)Linux
Update Nginx to 9.3.15 (For Linux)Linux
Update Nginx to 9.3.17 (For Linux)Linux
Use After Free Vulnerability (CVE-2016-0746)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234