{"id":"CVE-2012-2089","details":"Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.","modified":"2026-04-10T03:44:14.346333Z","published":"2012-04-17T21:55:01Z","related":["openSUSE-SU-2024:10044-1"],"references":[{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079388.html"},{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079467.html"},{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079474.html"},{"type":"ADVISORY","url":"http://nginx.org/en/security_advisories.html"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2012/04/12/9"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/52999"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id?1026924"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/74831"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2012/04/12/9"},{"type":"FIX","url":"http://nginx.org/en/security_advisories.html"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2012/04/12/9"}],"schema_version":"1.7.5"}