CVE-2011-2703

Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to 1 OGC filter encoding or 2 WMS time support...

CVE-2011-2703

CVE-2011-2703 describes multiple SQL injection vulnerabilities in MapServer prior to 4.10.7, 5.x prior to 5.6.7, and 6.x prior to 6.0.1. Attack vectors relate to OGC filter encoding and WMS time support, enabling remote attackers to execute arbitrary SQL commands. Impact is partial confidentialit...

Debian DSA-2285-1 : mapserver - several vulnerabilities

Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-2703 Several instances of insufficient escaping of use...

[SECURITY] [DSA 2285-1] mapserver security update

-------------------------------------------------------------------------- Debian Security Advisory DSA-2285-1 [email protected] http://www.debian.org/security/ Nico Golde July 26, 2011 http://www.debian.org/security/faq -...