Security Portal

Intrusion Prevention Service

Signature Version: 4.982


WEB Nginx ngx_http_parse_chunked Buffer Overflow -1 (CVE-2013-2028)
Threat Level: High
Release Date: 2013/5/14
Category: Buffer Overflow
Signature ID: 1057664
Included In:
Affected OS: Windows, Linux, FreeBSD, Solaris, Other Unix, Mac OS
Description: A stack buffer overflow vulnerability has been reported in Nginx. The vulnerability is due to insufficient validation of chunked data in the ngx_http_parse_chunked() function.
Impact: Remote code execution
Recommendation: Update vendor's patch.
False Positive: None
False Negative: Sightly
Additional Information (Links open in new window):
Reference(s): CVE-2013-2028; CVE-2013-4322

Search the Threat Database
Enter Rule ID or Name