VYPR

Mapserver

by MapServer

Source repositories

CVEs (24)

  • CVE-2009-0841Mar 31, 2009
    risk 0.00cvss epss 0.05

    Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.

  • CVE-2009-0840Mar 31, 2009
    risk 0.00cvss epss 0.05

    Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header.

  • CVE-2007-4629Aug 31, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.

  • CVE-2007-4542Aug 27, 2007
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the…

Page 2 of 2