1
Candidate: CVE-2009-4487
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4487
6
nginx 0.7.64 writes data to a log file without sanitizing non-printable
7
characters, which might allow remote attackers to modify a window's title,
8
or possibly execute arbitrary commands or overwrite files, via an HTTP
9
request containing an escape sequence for a terminal emulator.
12
mdeslaur> ignored upstream, so ignored by us too.
14
https://bugs.edge.launchpad.net/ubuntu/+source/nginx/+bug/511681
20
upstream_nginx: needs-triage
22
hardy_nginx: ignored (reached end-of-life)
23
intrepid_nginx: needed (reached end-of-life)
24
jaunty_nginx: ignored (reached end-of-life)
25
karmic_nginx: ignored (reached end-of-life)
27
maverick_nginx: ignored (reached end-of-life)
29
oneiric_nginx: ignored
30
precise_nginx: ignored