| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-0839 | 10.0 |
Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter i
|
07-06-2021 - 15:56 | 31-03-2009 - 18:24 | |
| CVE-2009-0841 | 10.0 |
Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.
|
01-06-2021 - 13:57 | 31-03-2009 - 18:24 | |
| CVE-2009-0843 | 7.8 |
The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depe
|
01-06-2021 - 13:57 | 31-03-2009 - 18:24 | |
| CVE-2009-0842 | 4.3 |
mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonst
|
01-06-2021 - 13:57 | 31-03-2009 - 18:24 | |
| CVE-2009-0840 | 10.0 |
Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header.
|
01-06-2021 - 13:57 | 31-03-2009 - 18:24 |