MapServer Multiple Security Vulnerabilities

MapServer is prone to multiple remote vulnerabilities, including buffer-overflow issues, a directory-traversal issue, and information-disclosure issues.

An attacker can exploit these issues to obtain sensitive information, create files in arbitrary locations, run arbitrary code within the context of the affected application, or crash the application, denying service to legitimate users.

Versions prior to MapServer 4.10.4 and 5.2.2 are vulnerable.

UPDATE (June 22, 2009): Fixes for the buffer-overflow vulnerability tracked by CVE-2009-0840 are incomplete; MapServer 4.10.4 and 5.2.2 may still be vulnerable to this issue.


Privacy Statement
Copyright 2010, SecurityFocus