CVE-2010-2263

Name of the Vulnerable Software and Affected Versions nginx versions 0.8 before 0.8.40 nginx versions 0.7 before 0.7.66

Description The issue allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI, but only when running on Windows.

Recommendations For nginx versions 0.8 before 0.8.40, update to version 0.8.40 or later. For nginx versions 0.7 before 0.7.66, update to version 0.7.66 or later.