Back to search
CVE-2016-0746
Published: Feb 15, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
openSUSE-SU-2016:0371
vendor-advisory
x_refsource_SUSE
https://bto.bluecoat.com/security-advisory/sa115
x_refsource_CONFIRM
GLSA-201606-06
vendor-advisory
x_refsource_GENTOO
1034869
vdb-entry
x_refsource_SECTRACK
[nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)
mailing-list
x_refsource_MLIST
RHSA-2016:1425
vendor-advisory
x_refsource_REDHAT
DSA-3473
vendor-advisory
x_refsource_DEBIAN
USN-2892-1
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1302588
x_refsource_CONFIRM
https://support.apple.com/kb/HT212818
x_refsource_CONFIRM
20210921 APPLE-SA-2021-09-20-4 Xcode 13
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now