CVE-2007-4542 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346 http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/ http://secunia.com/advisories/26561 http://secunia.com/advisories/26718 http://secunia.com/advisories/29688 http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch http://trac.osgeo.org/mapserver/ticket/2256 http://www.debian.org/security/2008/dsa-1539 http://www.securityfocus.com/bid/25582 http://www.vupen.com/english/advisories/2007/2974 https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html

Share on: