Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mapserver 缓冲区错误漏洞
Vulnerability Description
Mapserver是开源地理空间(Osgeo)基金会的一套用于将空间数据和交互式地图应用程序发布到Web的开源平台。 MapServer mapserv程序存在缓冲区错误漏洞,该漏洞源于mapserv.c没有正确处理以字符结尾的id参数字符串,远程攻击者通过请求操作中超长的id参数引起缓冲溢出攻击,或则其它未明影响。
CVSS Information
N/A
Vulnerability Type
N/A