CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-4629
https://notcve.org/view.php?id=CVE-2007-4629
31 Aug 2007 — Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name. Desbordamiento del buffer en la función processLine en maptemplate.c en MapServer en versiones anteriores a 4.10.3 permite a atacantes remotos provocar una caída de servicio y posiblemente ejecutar un código arbitrario a través de un mapfile con un nombre largo de cap... • http://mapserver.gis.umn.edu/download/current/HISTORY.TXT • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4542
https://notcve.org/view.php?id=CVE-2007-4542
27 Aug 2007 — Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en MapServer anterior a 4.10.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 24%CPEs: 1EXPL: 2CVE-2005-2772 – Gopher 3.0.9 - '+VIEWS' Client-Side Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2772
02 Sep 2005 — Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function. • https://www.exploit-db.com/exploits/1187 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2005-1853
https://notcve.org/view.php?id=CVE-2005-1853
03 Aug 2005 — gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges. gopher.c en el cliente Gopher 3.0.5 no crea adecuadamente los ficheros temporales, lo que permite que usuarios locales ganen privilegios. • http://www.debian.org/security/2005/dsa-770 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2004-0560
https://notcve.org/view.php?id=CVE-2004-0560
31 Dec 2004 — Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted content of a certain size that triggers the overflow. • http://secunia.com/advisories/13855 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2004-0561
https://notcve.org/view.php?id=CVE-2004-0561
31 Dec 2004 — Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code. • http://secunia.com/advisories/13855 •
CVSS: 9.8EPSS: 8%CPEs: 10EXPL: 2CVE-2003-0805 – University of Minnesota Gopherd 2.0.x/2.3/3.0.x - FTP Gateway Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0805
19 Sep 2003 — Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type. Múltiples desbordamientos de búfer en el demonio gopher UNM 2.x y 3.x anteriores a 3.0.6 permite a atacantes ejecutar código arbitrario mediante (1) un nombre de fichero largo resultante de un comando LIST, y (2) la función GSisText, que calcula el view-type • https://www.exploit-db.com/exploits/22893 •
CVSS: 9.8EPSS: 65%CPEs: 12EXPL: 1CVE-2002-0371 – Microsoft Internet Explorer 5/6 / Microsoft ISA Server 2000 / Microsoft Proxy Server 2.0 Gopher Client - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0371
15 Jun 2002 — Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. Desbordamiento de búfer en el cliente gopher de Microsoft Internet Explorer 5.1 a la 6.0, Proxy Server 2.0, o ISA Server 2000 permite a atacantes remotos la ejecución de código arbitrario mediante una URL gopher:// que redirige al usu... • https://www.exploit-db.com/exploits/21510 •
CVSS: 10.0EPSS: 6%CPEs: 2EXPL: 1CVE-2000-0743 – UMN Gopherd 2.x - Halidate Function Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0743
13 Oct 2000 — Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value. • https://www.exploit-db.com/exploits/20157 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0124
https://notcve.org/view.php?id=CVE-1999-0124
09 Aug 1993 — Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0124 •