CVE-2018-16845 Information
Share on:Description
nginx before versions 1.15.6 1.14.1 has a vulnerability in the ngx_http_mp4_module which might allow an attacker to cause infinite loop in a worker process cause a worker process crash or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Reference
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html http://www.securityfocus.com/bid/105868 http://www.securitytracker.com/id/1042039 https://access.redhat.com/errata/RHSA-2018:3652 https://access.redhat.com/errata/RHSA-2018:3653 https://access.redhat.com/errata/RHSA-2018:3680 https://access.redhat.com/errata/RHSA-2018:3681 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845 https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html https://usn.ubuntu.com/3812-1/ https://www.debian.org/security/2018/dsa-4335
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
NONE
Base Score
HIGH
Base Severity
6.1