Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2009/03/31 6:24 p.m.6 views

CVE-2009-1176

mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action...

6.8AI score
Exploits0References8
NVD
NVDadded 2009/03/31 6:24 p.m.8 views

CVE-2009-0839

Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action...

10CVSS7.8AI score0.06436EPSS
Exploits2References11
Prion
Prionadded 2009/03/31 6:24 p.m.11 views

Heap overflow

Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header...

10CVSS6.9AI score0.02704EPSS
Exploits2References12Affected Software1
Prion
Prionadded 2009/03/31 6:24 p.m.6 views

Design/Logic Flaw

The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this pathname exists...

7.8CVSS7AI score0.01032EPSS
Exploits1References11Affected Software1
UbuntuCve
UbuntuCveadded 2009/03/31 6:24 p.m.18 views

CVE-2009-1176

mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action...

10CVSS6AI score0.02026EPSS
Exploits2References1
Prion
Prionadded 2009/03/31 6:24 p.m.10 views

Stack overflow

Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action...

10CVSS8.5AI score0.06436EPSS
Exploits2References11Affected Software1
Prion
Prionadded 2009/03/31 6:24 p.m.8 views

Buffer overflow

mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action...

10CVSS7.4AI score0.02026EPSS
Exploits2References8Affected Software1
Cvelist
Cvelistadded 2009/03/31 6:0 p.m.15 views

CVE-2009-1177

Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 have unknown impact and remote attack vectors...

6.5AI score0.01153EPSS
Exploits2References9
Rows per page
Query Builder