Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for mapserver by university_of_minnesota

    CVE-2007-4629 (GCVE-0-2007-4629)

    Vulnerability from nvd – Published: 2007-08-31 01:00 – Updated: 2024-08-07 15:01
    VLAI
    Summary
    Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://trac.osgeo.org/mapserver/ticket/2252 x_refsource_CONFIRM
    http://secunia.com/advisories/29688 third-party-advisoryx_refsource_SECUNIA
    http://mapserver.gis.umn.edu/download/current/HIS… x_refsource_CONFIRM
    http://securityreason.com/securityalert/3082 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/26561 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/26718 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.vupen.com/english/advisories/2007/2974 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/25582 vdb-entryx_refsource_BID
    https://bugzilla.redhat.com/show_bug.cgi?id=272081 x_refsource_MISC
    http://www.debian.org/security/2008/dsa-1539 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2007-08-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:01:09.881Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://trac.osgeo.org/mapserver/ticket/2252"
              },
              {
                "name": "29688",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29688"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
              },
              {
                "name": "3082",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3082"
              },
              {
                "name": "26561",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26561"
              },
              {
                "name": "26718",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26718"
              },
              {
                "name": "FEDORA-2007-2018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
              },
              {
                "name": "ADV-2007-2974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2974"
              },
              {
                "name": "25582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25582"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=272081"
              },
              {
                "name": "DSA-1539",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1539"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-06-10T11:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://trac.osgeo.org/mapserver/ticket/2252"
            },
            {
              "name": "29688",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29688"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
            },
            {
              "name": "3082",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3082"
            },
            {
              "name": "26561",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26561"
            },
            {
              "name": "26718",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26718"
            },
            {
              "name": "FEDORA-2007-2018",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
            },
            {
              "name": "ADV-2007-2974",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2974"
            },
            {
              "name": "25582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25582"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=272081"
            },
            {
              "name": "DSA-1539",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1539"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4629",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://trac.osgeo.org/mapserver/ticket/2252",
                  "refsource": "CONFIRM",
                  "url": "http://trac.osgeo.org/mapserver/ticket/2252"
                },
                {
                  "name": "29688",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29688"
                },
                {
                  "name": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/",
                  "refsource": "CONFIRM",
                  "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
                },
                {
                  "name": "3082",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3082"
                },
                {
                  "name": "26561",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26561"
                },
                {
                  "name": "26718",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26718"
                },
                {
                  "name": "FEDORA-2007-2018",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
                },
                {
                  "name": "ADV-2007-2974",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2974"
                },
                {
                  "name": "25582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25582"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=272081",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=272081"
                },
                {
                  "name": "DSA-1539",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2008/dsa-1539"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4629",
        "datePublished": "2007-08-31T01:00:00.000Z",
        "dateReserved": "2007-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:01:09.881Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4542 (GCVE-0-2007-4542)

    Vulnerability from nvd – Published: 2007-08-27 21:00 – Updated: 2024-08-07 15:01
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://trac.osgeo.org/mapserver/attachment/ticket… x_refsource_MISC
    http://secunia.com/advisories/29688 third-party-advisoryx_refsource_SECUNIA
    http://mapserver.gis.umn.edu/download/current/HIS… x_refsource_CONFIRM
    http://trac.osgeo.org/mapserver/ticket/2256 x_refsource_CONFIRM
    http://secunia.com/advisories/26561 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/26718 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.vupen.com/english/advisories/2007/2974 vdb-entryx_refsource_VUPEN
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346 x_refsource_MISC
    http://www.securityfocus.com/bid/25582 vdb-entryx_refsource_BID
    http://www.debian.org/security/2008/dsa-1539 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2007-08-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:01:09.799Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch"
              },
              {
                "name": "29688",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29688"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://trac.osgeo.org/mapserver/ticket/2256"
              },
              {
                "name": "26561",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26561"
              },
              {
                "name": "26718",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26718"
              },
              {
                "name": "FEDORA-2007-2018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
              },
              {
                "name": "ADV-2007-2974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2974"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346"
              },
              {
                "name": "25582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25582"
              },
              {
                "name": "DSA-1539",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1539"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-04-17T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch"
            },
            {
              "name": "29688",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29688"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://trac.osgeo.org/mapserver/ticket/2256"
            },
            {
              "name": "26561",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26561"
            },
            {
              "name": "26718",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26718"
            },
            {
              "name": "FEDORA-2007-2018",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
            },
            {
              "name": "ADV-2007-2974",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2974"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346"
            },
            {
              "name": "25582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25582"
            },
            {
              "name": "DSA-1539",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1539"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4542",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch",
                  "refsource": "MISC",
                  "url": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch"
                },
                {
                  "name": "29688",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29688"
                },
                {
                  "name": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/",
                  "refsource": "CONFIRM",
                  "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
                },
                {
                  "name": "http://trac.osgeo.org/mapserver/ticket/2256",
                  "refsource": "CONFIRM",
                  "url": "http://trac.osgeo.org/mapserver/ticket/2256"
                },
                {
                  "name": "26561",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26561"
                },
                {
                  "name": "26718",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26718"
                },
                {
                  "name": "FEDORA-2007-2018",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
                },
                {
                  "name": "ADV-2007-2974",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2974"
                },
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346",
                  "refsource": "MISC",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346"
                },
                {
                  "name": "25582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25582"
                },
                {
                  "name": "DSA-1539",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2008/dsa-1539"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4542",
        "datePublished": "2007-08-27T21:00:00.000Z",
        "dateReserved": "2007-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:01:09.799Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4629 (GCVE-0-2007-4629)

    Vulnerability from cvelistv5 – Published: 2007-08-31 01:00 – Updated: 2024-08-07 15:01
    VLAI
    Summary
    Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://trac.osgeo.org/mapserver/ticket/2252 x_refsource_CONFIRM
    http://secunia.com/advisories/29688 third-party-advisoryx_refsource_SECUNIA
    http://mapserver.gis.umn.edu/download/current/HIS… x_refsource_CONFIRM
    http://securityreason.com/securityalert/3082 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/26561 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/26718 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.vupen.com/english/advisories/2007/2974 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/25582 vdb-entryx_refsource_BID
    https://bugzilla.redhat.com/show_bug.cgi?id=272081 x_refsource_MISC
    http://www.debian.org/security/2008/dsa-1539 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2007-08-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:01:09.881Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://trac.osgeo.org/mapserver/ticket/2252"
              },
              {
                "name": "29688",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29688"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
              },
              {
                "name": "3082",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3082"
              },
              {
                "name": "26561",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26561"
              },
              {
                "name": "26718",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26718"
              },
              {
                "name": "FEDORA-2007-2018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
              },
              {
                "name": "ADV-2007-2974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2974"
              },
              {
                "name": "25582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25582"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=272081"
              },
              {
                "name": "DSA-1539",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1539"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-06-10T11:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://trac.osgeo.org/mapserver/ticket/2252"
            },
            {
              "name": "29688",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29688"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
            },
            {
              "name": "3082",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3082"
            },
            {
              "name": "26561",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26561"
            },
            {
              "name": "26718",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26718"
            },
            {
              "name": "FEDORA-2007-2018",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
            },
            {
              "name": "ADV-2007-2974",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2974"
            },
            {
              "name": "25582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25582"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=272081"
            },
            {
              "name": "DSA-1539",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1539"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4629",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://trac.osgeo.org/mapserver/ticket/2252",
                  "refsource": "CONFIRM",
                  "url": "http://trac.osgeo.org/mapserver/ticket/2252"
                },
                {
                  "name": "29688",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29688"
                },
                {
                  "name": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/",
                  "refsource": "CONFIRM",
                  "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
                },
                {
                  "name": "3082",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3082"
                },
                {
                  "name": "26561",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26561"
                },
                {
                  "name": "26718",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26718"
                },
                {
                  "name": "FEDORA-2007-2018",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
                },
                {
                  "name": "ADV-2007-2974",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2974"
                },
                {
                  "name": "25582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25582"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=272081",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=272081"
                },
                {
                  "name": "DSA-1539",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2008/dsa-1539"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4629",
        "datePublished": "2007-08-31T01:00:00.000Z",
        "dateReserved": "2007-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:01:09.881Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4542 (GCVE-0-2007-4542)

    Vulnerability from cvelistv5 – Published: 2007-08-27 21:00 – Updated: 2024-08-07 15:01
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://trac.osgeo.org/mapserver/attachment/ticket… x_refsource_MISC
    http://secunia.com/advisories/29688 third-party-advisoryx_refsource_SECUNIA
    http://mapserver.gis.umn.edu/download/current/HIS… x_refsource_CONFIRM
    http://trac.osgeo.org/mapserver/ticket/2256 x_refsource_CONFIRM
    http://secunia.com/advisories/26561 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/26718 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.vupen.com/english/advisories/2007/2974 vdb-entryx_refsource_VUPEN
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346 x_refsource_MISC
    http://www.securityfocus.com/bid/25582 vdb-entryx_refsource_BID
    http://www.debian.org/security/2008/dsa-1539 vendor-advisoryx_refsource_DEBIAN
    Date Public
    2007-08-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:01:09.799Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch"
              },
              {
                "name": "29688",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29688"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://trac.osgeo.org/mapserver/ticket/2256"
              },
              {
                "name": "26561",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26561"
              },
              {
                "name": "26718",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26718"
              },
              {
                "name": "FEDORA-2007-2018",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
              },
              {
                "name": "ADV-2007-2974",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2974"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346"
              },
              {
                "name": "25582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25582"
              },
              {
                "name": "DSA-1539",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1539"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-04-17T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch"
            },
            {
              "name": "29688",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29688"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://trac.osgeo.org/mapserver/ticket/2256"
            },
            {
              "name": "26561",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26561"
            },
            {
              "name": "26718",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26718"
            },
            {
              "name": "FEDORA-2007-2018",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
            },
            {
              "name": "ADV-2007-2974",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2974"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346"
            },
            {
              "name": "25582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25582"
            },
            {
              "name": "DSA-1539",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1539"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4542",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch",
                  "refsource": "MISC",
                  "url": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch"
                },
                {
                  "name": "29688",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29688"
                },
                {
                  "name": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/",
                  "refsource": "CONFIRM",
                  "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/"
                },
                {
                  "name": "http://trac.osgeo.org/mapserver/ticket/2256",
                  "refsource": "CONFIRM",
                  "url": "http://trac.osgeo.org/mapserver/ticket/2256"
                },
                {
                  "name": "26561",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26561"
                },
                {
                  "name": "26718",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26718"
                },
                {
                  "name": "FEDORA-2007-2018",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html"
                },
                {
                  "name": "ADV-2007-2974",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2974"
                },
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346",
                  "refsource": "MISC",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346"
                },
                {
                  "name": "25582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25582"
                },
                {
                  "name": "DSA-1539",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2008/dsa-1539"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4542",
        "datePublished": "2007-08-27T21:00:00.000Z",
        "dateReserved": "2007-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:01:09.799Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }