CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0839

Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.083

EPSS Ranking 91.8%

CVSS Severity

CVSS v2 Score 10.0

References

Products affected by CVE-2009-0839

Osgeo » Mapserver » Version: 4.10.0

cpe:2.3:a:osgeo:mapserver:4.10.0
Osgeo » Mapserver » Version: 4.10.1

cpe:2.3:a:osgeo:mapserver:4.10.1
Osgeo » Mapserver » Version: 4.10.2

cpe:2.3:a:osgeo:mapserver:4.10.2
Osgeo » Mapserver » Version: 4.10.3

cpe:2.3:a:osgeo:mapserver:4.10.3
Osgeo » Mapserver » Version: 4.2.0

cpe:2.3:a:osgeo:mapserver:4.2.0
Osgeo » Mapserver » Version: 4.4.0

cpe:2.3:a:osgeo:mapserver:4.4.0
Osgeo » Mapserver » Version: 4.6.0

cpe:2.3:a:osgeo:mapserver:4.6.0
Osgeo » Mapserver » Version: 4.8.0

cpe:2.3:a:osgeo:mapserver:4.8.0
Osgeo » Mapserver » Version: 5.0.0

cpe:2.3:a:osgeo:mapserver:5.0.0
Osgeo » Mapserver » Version: 5.2.0

cpe:2.3:a:osgeo:mapserver:5.2.0
Osgeo » Mapserver » Version: 5.2.1

cpe:2.3:a:osgeo:mapserver:5.2.1
Umn » Mapserver » Version: 4.0

cpe:2.3:a:umn:mapserver:4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0839

Products

Pricing

Contact Us