Home

CVE-2016-4450

Description

os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
4.016

Associated Vulnerability

VulnerabilityOS Platform
Update Nginx to 9.1.19Windows
Update Nginx to 9.1.5Windows
Update Nginx to 9.1.8Windows
Update Nginx to 9.2.14Windows
Update Nginx to 9.2.19Windows
Update Nginx to 9.2.3Windows
Update Nginx to 9.2.7Windows
Update Nginx to 9.3.10Windows
Update Nginx to 9.3.15Windows
Update Nginx to 9.3.17Windows
small, powerful, scalable web/proxy server (USN-2991-1) nginx-core_1.4.6-1ubuntu3.5_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-core_1.4.6-1ubuntu3.5_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-core_1.9.3-1ubuntu1.2_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-core_1.9.3-1ubuntu1.2_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-core_1.10.0-0ubuntu0.16.04.2_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-core_1.10.0-0ubuntu0.16.04.2_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-full_1.4.6-1ubuntu3.5_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-full_1.4.6-1ubuntu3.5_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-full_1.9.3-1ubuntu1.2_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-full_1.9.3-1ubuntu1.2_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-full_1.10.0-0ubuntu0.16.04.2_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-full_1.10.0-0ubuntu0.16.04.2_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-light_1.4.6-1ubuntu3.5_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-light_1.4.6-1ubuntu3.5_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-light_1.9.3-1ubuntu1.2_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-light_1.9.3-1ubuntu1.2_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-light_1.10.0-0ubuntu0.16.04.2_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-light_1.10.0-0ubuntu0.16.04.2_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-extras_1.4.6-1ubuntu3.5_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-extras_1.4.6-1ubuntu3.5_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-extras_1.9.3-1ubuntu1.2_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-extras_1.9.3-1ubuntu1.2_amd64.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-extras_1.10.0-0ubuntu0.16.04.2_i386.debLinux
small, powerful, scalable web/proxy server (USN-2991-1) nginx-extras_1.10.0-0ubuntu0.16.04.2_amd64.debLinux
Update Nginx to 9.1.19 (For Linux)Linux
Update Nginx to 9.1.5 (For Linux)Linux
Update Nginx to 9.1.8 (For Linux)Linux
Update Nginx to 9.2.14 (For Linux)Linux
Update Nginx to 9.2.19 (For Linux)Linux
Update Nginx to 9.2.3 (For Linux)Linux
Update Nginx to 9.2.7 (For Linux)Linux
Update Nginx to 9.3.10 (For Linux)Linux
Update Nginx to 9.3.15 (For Linux)Linux
Update Nginx to 9.3.17 (For Linux)Linux
NULL Pointer Dereference Vulnerability (CVE-2016-4450)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234