Описание
Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.
Уязвимые конфигурации
Конфигурация 1Версия до 6.0.0 (включая)
Одно из
cpe:2.3:a:osgeo:mapserver:*:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.6.0:beta1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.6.0:beta3:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.8.0:beta1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.8.0:beta2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.8.0:beta3:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.8.0:rc2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.0:beta1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.0:beta2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.0:beta3:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.0:rc1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:4.10.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:beta6:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.2.0:beta2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.2.0:beta3:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.2.0:beta4:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.0:beta4:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.0:rc2:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.4.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.6.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:mapserver:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:4.10.7:*:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:5.6.4:*:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:5.6.5:*:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:5.6.6:*:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:5.6.7:*:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:beta6:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:beta7:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:umn:mapserver:6.0.0:rc2:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02641
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
ubuntu
больше 14 лет назад
Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.
debian
больше 14 лет назад
Double free vulnerability in the msAddImageSymbol function in mapsymbo ...
github
больше 3 лет назад
Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.
EPSS
Процентиль: 85%
0.02641
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-399