CVSS: 7.5EPSS: 15%CPEs: 59EXPL: 0CVE-2011-2704
https://notcve.org/view.php?id=CVE-2011-2704
Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before 5.6.7 allows remote attackers to execute arbitrary code via vectors related to OGC filter encoding. Desbordamiento de búfer basado en pila en MapServer anterior a v4.10.7 y v5.x anterior a v5.6.7 permite a atacantes remotos ejecutar código de su elección a través de vectores relacionados con el filtro codificado OGC. • http://lists.osgeo.org/pipermail/mapserver-users/2011-July/069430.html http://secunia.com/advisories/45257 http://secunia.com/advisories/45368 http://trac.osgeo.org/mapserver/ticket/3903 http://www.debian.org/security/2011/dsa-2285 http://www.openwall.com/lists/oss-security/2011/07/19/14 http://www.openwall.com/lists/oss-security/2011/07/20/15 http://www.securityfocus.com/bid/48720 https://bugzilla.redhat.com/show_bug.cgi?id=723293 https://exchange.xforce.ibmclou • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 54EXPL: 0CVE-2010-2539
https://notcve.org/view.php?id=CVE-2010-2539
Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows local users to cause a denial of service via vectors involving names of temporary files. Desbordamiento de búfer en la función msTmpFile en maputil.c en mapserv en MapServer en versiones anteriores a la 4.10.6 y 5.x en versiones anteriores a la 5.6.4, permite a usuarios locales provocar una denegación de servicio mediante vectores que involucran nombres de ficheros temporales. • http://lists.osgeo.org/pipermail/mapserver-users/2010-July/066052.html http://marc.info/?l=oss-security&m=127973381215859&w=2 http://marc.info/?l=oss-security&m=127973754121922&w=2 http://trac.osgeo.org/mapserver/ticket/3484 http://www.securityfocus.com/bid/41855 https://bugzilla.redhat.com/show_bug.cgi?id=617312 https://exchange.xforce.ibmcloud.com/vulnerabilities/60851 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 54EXPL: 0CVE-2010-2540
https://notcve.org/view.php?id=CVE-2010-2540
mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments. mapserv.c en mapserv en MapServer en versiones anteriores a la 4.10.6 y 5.x en versiones anteriores a la 5.6.4 no restringe de manera apropiada el uso de argumentos de linea de comandos CGI que se establecieron para depuración, lo que permite a atacantes remotos tener un impacto no especificado mediante argumentos manipulados. • http://lists.osgeo.org/pipermail/mapserver-users/2010-July/066052.html http://marc.info/?l=oss-security&m=127973381215859&w=2 http://marc.info/?l=oss-security&m=127973754121922&w=2 http://trac.osgeo.org/mapserver/ticket/3485 http://www.securityfocus.com/bid/41855 https://exchange.xforce.ibmcloud.com/vulnerabilities/60852 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 23%CPEs: 50EXPL: 0CVE-2009-2281
https://notcve.org/view.php?id=CVE-2009-2281
Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via (1) a crafted Content-Length HTTP header or (2) a large HTTP request, related to an integer overflow that triggers a heap-based buffer overflow. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-0840. Múltiples desbordamiento de búfer basados en memoria dinámica en la función readPostBody en cgiutil.c de mapserv en MapServer v4.x hasta v4.10.4 y v5.x anteriores a v5.4.2, permite a atacantes remotos ejecutar código de su elección a través de (1) una cabecera de HTTP "Content-Length" manipulada o (2) una petición HTTP larga, relacionado con un desbordamiento de entero que provoca una desbordamiento de búfer basado en memoria dinámica. NOTA: Esta vulnerabilidad existe por un corrección incompleta de CVE-2009-0840. • http://security.debian.org/pool/updates/main/m/mapserver/mapserver_4.10.0-5.1+etch4.diff.gz http://security.debian.org/pool/updates/main/m/mapserver/mapserver_5.0.3-3+lenny4.diff.gz http://trac.osgeo.org/mapserver/browser/tags/rel-5-4-2/mapserver/HISTORY.TXT http://trac.osgeo.org/mapserver/ticket/2943 http://www.debian.org/security/2009/dsa-1914 http://www.openwall.com/lists/oss-security/2009/07/01/1 http://www.openwall.com/lists/oss-security/2009/07/01&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 42EXPL: 1CVE-2009-1176
https://notcve.org/view.php?id=CVE-2009-1176
mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action. mapserv.c en mapserv en MapServer v4.x anterior a v4.10.4 y v5.x anterior a v5.2.2 no garantiza que la cadena que soporta el parámetro "id" finalice en un carácter '\0', lo que permite a atacantes remotos dirigir un ataque de desbordamiento de búfer o tener un otro impacto sin especificar a través de un parámetro "id" largo en una acción de consulta. • http://lists.osgeo.org/pipermail/mapserver-users/2009-March/060600.html http://secunia.com/advisories/34603 http://www.positronsecurity.com/advisories/2009-000.html http://www.securityfocus.com/archive/1/502271/100/0/threaded http://www.securityfocus.com/bid/34306 http://www.securitytracker.com/id?1021952 https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00147.html https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00170.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •