1
Candidate: CVE-2010-2266
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2266
5
http://nginx.org/en/security_advisories.html
7
nginx 0.8.36 allows remote attackers to cause a denial of service (crash)
8
via certain encoded directory traversal sequences that trigger memory
9
corruption, as demonstrated using the "%c0.%c0." sequence.
11
sbeattie> upstream claims the issue is windows only
19
upstream_nginx: needs-triage
21
hardy_nginx: not-affected (windows only)
22
jaunty_nginx: ignored (reached end-of-life)
23
karmic_nginx: ignored (reached end-of-life)
24
lucid_nginx: not-affected (windows only)
25
maverick_nginx: not-affected (windows only)
26
natty_nginx: not-affected (windows only)
27
devel_nginx: not-affected (windows only)