MapServer HTTP Request Processing Integer Overflow Vulnerability Network Vulnerability

Summary

MapServer is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code. Successful exploits will compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. This issue affects MapServer 4.10.x other versions may be vulnerable as well. NOTE: This issue reportedly stems from an incomplete fix for CVE-2009- 0840, which was discussed in BID 34306 (MapServer Multiple Security Vulnerabilities).

Solution

Updates are available. Please see the references for details.

References

http://mapserver.gis.umn.edu/
http://www.securityfocus.com/bid/36802

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2281

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

A Really Simple Chat Multiple SQL Injection Vulnerabilities
Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability
68designs 68kb Multiple Remote File Include Vulnerabilities
Arkeia Appliance Path Traversal Vulnerability
AWStats Totals 'sort' Parameter Remote Command Execution Vulnerabilities

Take action and discover your vulnerabilities