Mapserver Security Vulnerabilities and Issues — Mapserver CVE List

Lucene search

UmnMapserver

3 matches found

CVE•added 2009/03/31 6:24 p.m.•66 views

CVE-2009-0843

The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this pathname exists.

7.8CVSS6.4AI score0.01032EPSS

CVE•added 2011/08/01 7:55 p.m.•53 views

CVE-2011-2704

Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before 5.6.7 allows remote attackers to execute arbitrary code via vectors related to OGC filter encoding.

7.5CVSS8AI score0.06405EPSS

CVE•added 2011/08/01 7:55 p.m.•52 views

CVE-2011-2703

Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support.

7.5CVSS8.4AI score0.01573EPSS