VYPR
Critical severity9.8OSV Advisory· Published Mar 15, 2017· Updated Jun 17, 2026

CVE-2017-5522

CVE-2017-5522

Description

Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

27
  • MapServer/MapserverOSV2 versions
    6.0.3, rel-3-4, rel-3-5-0, …+ 1 more
    • (no CPE)range: 6.0.3, rel-3-4, rel-3-5-0, …
    • (no CPE)range: <6.0.6, <6.2.4, <6.4.5, <7.0.4
  • Osgeo/Mapserver24 versions
    cpe:2.3:a:osgeo:mapserver:*:*:*:*:*:*:*:*+ 23 more
    • cpe:2.3:a:osgeo:mapserver:*:*:*:*:*:*:*:*range: <=6.0.5
    • cpe:2.3:a:osgeo:mapserver:6.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.2.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.2.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.2.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.2.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.4.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.4.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.4.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:6.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:7.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:7.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:7.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:7.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:osgeo:mapserver:7.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.