Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 20.9% and no vendor patch available.
Nginx
Memory Corruption
Buffer Overflow
RCE
Opensuse
NVD
VulDB
CVSS 2.0
7.5
EPSS
20.9%