Hal3002

**Name of the Vulnerable Software and Affected Versions** nginx versions 1.3.9 through 1.4.0 **Description** The issue allows remote attackers to cause a denial of service and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size. This triggers an integer signedness error and a stack-based buffer overflow. **Recommendations** For nginx versions 1.3.9 through 1.4.0, update to a version that fixes the integer signedness error and stack-based buffer overflow in the ngx http parse chunked function.