Lucene search

[email protected]NVD:CVE-2009-1177

HistoryMar 31, 2009 - 6:24 p.m.

CVE-2009-1177

2009-03-3118:24:45

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.013

Percentile

85.7%

JSON

Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 have unknown impact and remote attack vectors.

Affected configurations

Nvd

Node

osgeomapserverMatch4.2.0beta1

osgeomapserverMatch4.4.0

osgeomapserverMatch4.4.0beta1

osgeomapserverMatch4.4.0beta2

osgeomapserverMatch4.4.0beta3

osgeomapserverMatch4.6.0

osgeomapserverMatch4.6.0beta1

osgeomapserverMatch4.6.0beta2

osgeomapserverMatch4.6.0beta3

osgeomapserverMatch4.6.0rc1

osgeomapserverMatch4.8.0beta1

osgeomapserverMatch4.8.0beta2

osgeomapserverMatch4.8.0beta3

osgeomapserverMatch4.8.0rc1

osgeomapserverMatch4.8.0rc2

osgeomapserverMatch4.10.0

osgeomapserverMatch4.10.0beta1

osgeomapserverMatch4.10.0beta2

osgeomapserverMatch4.10.0beta3

osgeomapserverMatch4.10.0rc1

osgeomapserverMatch4.10.1

osgeomapserverMatch4.10.2

osgeomapserverMatch4.10.3

osgeomapserverMatch5.0.0

osgeomapserverMatch5.0.0beta1

osgeomapserverMatch5.0.0beta2

osgeomapserverMatch5.0.0beta3

osgeomapserverMatch5.0.0beta4

osgeomapserverMatch5.0.0beta5

osgeomapserverMatch5.0.0beta6

osgeomapserverMatch5.0.0rc1

osgeomapserverMatch5.0.0rc2

osgeomapserverMatch5.2.0

osgeomapserverMatch5.2.0beta1

osgeomapserverMatch5.2.0beta2

osgeomapserverMatch5.2.0beta3

osgeomapserverMatch5.2.0beta4

osgeomapserverMatch5.2.0rc1

osgeomapserverMatch5.2.1

umnmapserverMatch4.0

umnmapserverMatch4.0beta1

umnmapserverMatch4.0beta2

VendorProductVersionCPE
osgeomapserver4.2.0cpe:2.3:a:osgeo:mapserver:4.2.0:beta1:*:*:*:*:*:*
osgeomapserver4.4.0cpe:2.3:a:osgeo:mapserver:4.4.0:*:*:*:*:*:*:*
osgeomapserver4.4.0cpe:2.3:a:osgeo:mapserver:4.4.0:beta1:*:*:*:*:*:*
osgeomapserver4.4.0cpe:2.3:a:osgeo:mapserver:4.4.0:beta2:*:*:*:*:*:*
osgeomapserver4.4.0cpe:2.3:a:osgeo:mapserver:4.4.0:beta3:*:*:*:*:*:*
osgeomapserver4.6.0cpe:2.3:a:osgeo:mapserver:4.6.0:*:*:*:*:*:*:*
osgeomapserver4.6.0cpe:2.3:a:osgeo:mapserver:4.6.0:beta1:*:*:*:*:*:*
osgeomapserver4.6.0cpe:2.3:a:osgeo:mapserver:4.6.0:beta2:*:*:*:*:*:*
osgeomapserver4.6.0cpe:2.3:a:osgeo:mapserver:4.6.0:beta3:*:*:*:*:*:*
osgeomapserver4.6.0cpe:2.3:a:osgeo:mapserver:4.6.0:rc1:*:*:*:*:*:*

Vendor	Product	Version	CPE
osgeo	mapserver	4.2.0	cpe:2.3:a:osgeo:mapserver:4.2.0:beta1::::::
osgeo	mapserver	4.4.0	cpe:2.3:a:osgeo:mapserver:4.4.0:::::::*
osgeo	mapserver	4.4.0	cpe:2.3:a:osgeo:mapserver:4.4.0:beta1::::::
osgeo	mapserver	4.4.0	cpe:2.3:a:osgeo:mapserver:4.4.0:beta2::::::
osgeo	mapserver	4.4.0	cpe:2.3:a:osgeo:mapserver:4.4.0:beta3::::::
osgeo	mapserver	4.6.0	cpe:2.3:a:osgeo:mapserver:4.6.0:::::::*
osgeo	mapserver	4.6.0	cpe:2.3:a:osgeo:mapserver:4.6.0:beta1::::::
osgeo	mapserver	4.6.0	cpe:2.3:a:osgeo:mapserver:4.6.0:beta2::::::
osgeo	mapserver	4.6.0	cpe:2.3:a:osgeo:mapserver:4.6.0:beta3::::::
osgeo	mapserver	4.6.0	cpe:2.3:a:osgeo:mapserver:4.6.0:rc1::::::