Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-1176
HistoryMar 31, 2009 - 6:24 p.m.

CVE-2009-1176

2009-03-3118:24:45
CWE-119
[email protected]
web.nvd.nist.gov
36
2
mapserver
cve-2009-1176
buffer-overflow
security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.7%

JSON

mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a โ€˜\0โ€™ character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action.

Affected configurations

NVD
Node
osgeomapserverMatch4.2.0beta1
OR
osgeomapserverMatch4.4.0
OR
osgeomapserverMatch4.4.0beta1
OR
osgeomapserverMatch4.4.0beta2
OR
osgeomapserverMatch4.4.0beta3
OR
osgeomapserverMatch4.6.0
OR
osgeomapserverMatch4.6.0beta1
OR
osgeomapserverMatch4.6.0beta2
OR
osgeomapserverMatch4.6.0beta3
OR
osgeomapserverMatch4.6.0rc1
OR
osgeomapserverMatch4.8.0beta1
OR
osgeomapserverMatch4.8.0beta2
OR
osgeomapserverMatch4.8.0beta3
OR
osgeomapserverMatch4.8.0rc1
OR
osgeomapserverMatch4.8.0rc2
OR
osgeomapserverMatch4.10.0
OR
osgeomapserverMatch4.10.0beta1
OR
osgeomapserverMatch4.10.0beta2
OR
osgeomapserverMatch4.10.0beta3
OR
osgeomapserverMatch4.10.0rc1
OR
osgeomapserverMatch4.10.1
OR
osgeomapserverMatch4.10.2
OR
osgeomapserverMatch4.10.3
OR
osgeomapserverMatch5.0.0
OR
osgeomapserverMatch5.0.0beta1
OR
osgeomapserverMatch5.0.0beta2
OR
osgeomapserverMatch5.0.0beta3
OR
osgeomapserverMatch5.0.0beta4
OR
osgeomapserverMatch5.0.0beta5
OR
osgeomapserverMatch5.0.0beta6
OR
osgeomapserverMatch5.0.0rc1
OR
osgeomapserverMatch5.0.0rc2
OR
osgeomapserverMatch5.2.0
OR
osgeomapserverMatch5.2.0beta1
OR
osgeomapserverMatch5.2.0beta2
OR
osgeomapserverMatch5.2.0beta3
OR
osgeomapserverMatch5.2.0beta4
OR
osgeomapserverMatch5.2.0rc1
OR
osgeomapserverMatch5.2.1
OR
umnmapserverMatch4.0
OR
umnmapserverMatch4.0beta1
OR
umnmapserverMatch4.0beta2

Social References

More

Related

debiancve 1
prion 1
cvelist 1
nvd 1
ubuntucve 1
openvas 10
fedora 4
redhatcve 7
nessus 3
seebug 1
debiancve
debiancve
CVE-2009-1176
2009-03-31 18:24:45
prion
prion
Buffer overflow
2009-03-31 18:24:00
cvelist
cvelist
CVE-2009-1176
2009-03-31 18:00:00
nvd
nvd
CVE-2009-1176
2009-03-31 18:24:45
ubuntucve
ubuntucve
CVE-2009-1176
2009-03-31 00:00:00
openvas
openvas
Fedora Core 10 FEDORA-2009-9243 (mapserver)
2009-09-09 00:00:00
Debian: Security Advisory (DSA-1914-1)
2009-10-27 00:00:00
Fedora Core 9 FEDORA-2009-3383 (mapserver)
2009-04-15 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: mapserver-5.2.2-1.fc9
2009-04-06 20:33:40
[SECURITY] Fedora 11 Update: mapserver-5.2.3-1.fc11
2009-09-03 00:28:48
[SECURITY] Fedora 10 Update: mapserver-5.2.2-1.fc10
2009-04-06 20:31:48
redhatcve
redhatcve
CVE-2009-0842
2019-10-04 21:26:05
CVE-2009-0840
2019-10-04 21:25:57
CVE-2009-1176
2019-10-04 21:33:23
nessus
nessus
MapServer < 5.2.2 / 4.10.4 Multiple Flaws
2009-04-02 00:00:00
Fedora 9 : mapserver-5.2.2-1.fc9 (2009-3383)
2009-04-07 00:00:00
Fedora 10 : mapserver-5.2.2-1.fc10 (2009-3357)
2009-04-23 00:00:00
seebug
seebug
MapServer mapserv็จ‹ๅบๅคšไธช่ฟœ็จ‹ๅฎ‰ๅ…จๆผๆดž
2009-04-02 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.7%

JSON
Related for CVE-2009-1176
debiancve1prion1cvelist1nvd1ubuntucve1openvas10fedora4redhatcve7nessus3seebug1