Lucene search

K

[email protected]NVD:CVE-2007-4542

HistoryAug 27, 2007 - 9:17 p.m.

CVE-2007-4542

2007-08-2721:17:00

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.

Affected configurations

NVD

Node

university_of_minnesotamapserverRange≤4.10.3

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346

mapserver.gis.umn.edu/download/current/HISTORY.TXT/

secunia.com/advisories/26561

secunia.com/advisories/26718

secunia.com/advisories/29688

trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch

trac.osgeo.org/mapserver/ticket/2256

www.debian.org/security/2008/dsa-1539

www.securityfocus.com/bid/25582

www.vupen.com/english/advisories/2007/2974

www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

Related for NVD:CVE-2007-4542

ubuntucve1 prion1 debiancve1 cve1 cvelist1 openvas4 nessus3 debian1 fedora1 osv1 seebug1