University Of Minnesota: >> Mapserver Security Vulnerabilities
Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
CVSS Score
7.5
EPSS Score
0.013
Published
2007-08-31
Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.
CVSS Score
4.3
EPSS Score
0.007
Published
2007-08-27