CVE-2012-2089

MEDIUM Year: 2012
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-120
View all →

Vulnerability Description

Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.

Related Vulnerabilities

CVE-2017-16740

CRITICAL
CVSS:10.0(Critical)

A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has b...

CWE-1202017

CVE-2021-33972

CRITICAL
CVSS:10.0(Critical)

Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges.

CWE-1202021

CVE-2021-33975

CRITICAL
CVSS:10.0(Critical)

Buffer Overflow vulnerability in Qihoo 360 Total Security v10.8.0.1060 and v10.8.0.1213 allows attacker to escalate privileges.

CWE-1202021

CVE-2022-20827

CRITICAL
CVSS:10.0(Critical)

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (D...

CWE-1202022

CVE-2022-22570

CRITICAL
CVSS:10.0(Critical)

A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s (UA Lite) firmware (Version 3.8.28.24 and earlier) allows a malicious actor who has gained access to a network to control a...

CWE-1202022

CVE-2022-31481

CRITICAL
CVSS:10.0(Critical)

An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, ...

CWE-1202022