CVE-2012-2089
- Source
- https://cve.org/CVERecord?id=CVE-2012-2089
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2012-2089.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2012-2089
- Downstream
- Related
- Withdrawn
- 2026-01-27T04:11:08.895306Z
- Published
- 2012-04-17T21:55:01Z
- Modified
- 2026-01-27T04:11:08.895306Z
- Summary
- [none]
- Details
-
Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
- References
-
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079388.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079467.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079474.html
- http://nginx.org/en/security_advisories.html
- http://www.openwall.com/lists/oss-security/2012/04/12/9
- http://www.securityfocus.com/bid/52999
- http://www.securitytracker.com/id?1026924
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74831