CVE-2009-4487 in NGINX and F5 Networks Products
Published on January 13, 2010
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Products Associated with CVE-2009-4487
stack.watch emails you whenever new vulnerabilities are published in nginx or F5 Networks Nginx. Just hit a watch button to start following.
Exploit Probability
EPSS
2.24%
Percentile
84.44%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.