CVE-2009-0839

Publication date 31 March 2009

Last updated 24 July 2024


Ubuntu priority

Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
mapserver 9.10 karmic
Not affected
9.04 jaunty
Fixed 5.0.3-3ubuntu0.1
8.10 intrepid
Fixed 5.0.3-2ubuntu0.1
8.04 LTS hardy
Fixed 5.0.0-3ubuntu0.1
7.10 gutsy Ignored end of life, was needs-triage
6.06 LTS dapper Ignored end of life