Mapserver 安全漏洞

Mapserver is an open-source platform developed by the Open Geospatial Foundation, designed for publishing spatial data and interactive map applications to the web. Vulnerabilities existed in MapServer versions from 6.0 to 8.6.2. These vulnerabilities stemmed from the combination of the...

EUVD-2007-4525

Malware in sbrugna...

CVE-2010-1678

Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile parsing...

MapServer < 5.6.4 / 4.10.6 Multiple Vulnerabilities

Binary data 5611.prm...

CVE-2009-2281

Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via 1 a crafted Content-Length HTTP header or 2 a large HTTP request, related to an integer overflow tha...

CVE-2009-0842

mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map symlink...

CVE-2007-4542

Multiple cross-site scripting XSS vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the 1 processLine function in maptemplate.c and the 2 writeError function in mapserv.c in the mapserv CGI program...