Your submission was sent successfully! Close

CVE-2009-0841

Published: 31 March 2009

Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.

Priority

Medium

Status

Package Release Status
mapserver
Launchpad, Ubuntu, Debian
Upstream Needs triage