CVE-2009-0839
Publication date 31 March 2009
Last updated 24 July 2024
Ubuntu priority
Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action.
Status
Package | Ubuntu Release | Status |
---|---|---|
mapserver | 9.10 karmic |
Not affected
|
9.04 jaunty |
Fixed 5.0.3-3ubuntu0.1
|
|
8.10 intrepid |
Fixed 5.0.3-2ubuntu0.1
|
|
8.04 LTS hardy |
Fixed 5.0.0-3ubuntu0.1
|
|
7.10 gutsy | Ignored end of life, was needs-triage | |
6.06 LTS dapper | Ignored end of life |