MapServer HTTP Request Processing Integer Overflow Vulnerability Network Vulnerability

Summary

MapServer is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code. Successful exploits will compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. This issue affects MapServer 4.10.x other versions may be vulnerable as well. NOTE: This issue reportedly stems from an incomplete fix for CVE-2009- 0840, which was discussed in BID 34306 (MapServer Multiple Security Vulnerabilities).

Solution

Updates are available. Please see the references for details.

References

http://mapserver.gis.umn.edu/
http://www.securityfocus.com/bid/36802

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2281

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ATutor < 1.5.1-pl1 Multiple Flaws
A-Blog 'sources/search.php' SQL Injection Vulnerability
aflog Cookie-Based Authentication Bypass Vulnerability
Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
Awstats Configuration File Remote Arbitrary Command Execution Vulnerability

Take action and discover your vulnerabilities