Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-2704

Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before 5.6.7 allows remote attackers to execute arbitrary code via vectors related to OGC filter encoding.

Related bugs and status

CVE-2011-2704 (Candidate) is related to these bugs:

Bug #809133: Possible SQL injection in WFS

		In	Importance	Status
809133	Possible SQL injection in WFS	mapserver (Ubuntu)	Undecided	Fix Released
809133	Possible SQL injection in WFS	mapserver (Ubuntu Hardy)	Undecided	Fix Released
809133	Possible SQL injection in WFS	mapserver (Ubuntu Lucid)	Undecided	Fix Released
809133	Possible SQL injection in WFS	mapserver (Ubuntu Natty)	Undecided	Fix Released
809133	Possible SQL injection in WFS	mapserver (Ubuntu Maverick)	Undecided	Fix Released
809133	Possible SQL injection in WFS	mapserver (Ubuntu Oneiric)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.debian.org/...
MISC: http://lists.osgeo.org...
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: http://trac.osgeo.org/...
MISC: https://bugzilla.redha...
MISC: https://exchange.xforc...