University Of Minnesota » Mapserver : Security Vulnerabilities, CVEs,
Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
Max CVSS
7.5
EPSS Score
1.90%
Published
2007-08-31
Updated
2016-06-15
Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.
Max CVSS
4.3
EPSS Score
0.39%
Published
2007-08-27
Updated
2011-03-08
2 vulnerabilities found