CVE-2011-4315

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
08/12/2011
Last modified:
11/04/2025

Description

Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:* 0.6.18 (including) 1.0.10 (excluding)
cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:* 1.1.0 (including) 1.1.7 (including)
cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
cpe:2.3:a:suse:studio:1.2:*:*:*:standard:*:*:*
cpe:2.3:a:suse:studio_onsite:1.2:*:*:*:*:*:*:*
cpe:2.3:a:suse:webyast:1.2:*:*:*:*:*:*:*