Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x up to and including 4.10.4 and 5.x prior to 5.4.2 allow remote attackers to execute arbitrary code via (1) a crafted Content-Length HTTP header or (2) a large HTTP request, related to an integer overflow that triggers a heap-based buffer overflow. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-0840.
Vulnerable Product |
---|
osgeo mapserver 4.8.0 |
osgeo mapserver 4.6.0 |
osgeo mapserver 5.2.0 |
osgeo mapserver 5.0.0 |
osgeo mapserver 5.4.0 |
osgeo mapserver 4.10.1 |
osgeo mapserver 4.10.0 |
osgeo mapserver 4.4.0 |
osgeo mapserver 4.2.0 |
umn mapserver 4.0 |
osgeo mapserver 5.4.1 |
osgeo mapserver 4.10.2 |
osgeo mapserver 4.10.4 |
osgeo mapserver 4.10.3 |