Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via (1) a crafted Content-Length HTTP header or (2) a large HTTP request, related to an integer overflow that triggers a heap-based buffer overflow. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-0840.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MapServer 缓冲区错误漏洞
Vulnerability Description
Mapserver是开源地理空间(Osgeo)基金会的一套用于将空间数据和交互式地图应用程序发布到Web的开源平台。 MapServer的cgiutil.c文件中的readPostBody函数中存在缓冲区错误漏洞。远程攻击者可以通过向服务器提交特制的Content-Length HTTP头或超长的HTTP请求来触发这个溢出,导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A