Oval Definition:oval:org.mitre.oval:def:13006
Revision Date:2014-06-23Version:20
Title:DSA-2285-1 mapserver -- several
Description:Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-2703 Several instances of insufficient escaping of user input, leading to SQL injection attacks via OGC filter encoding. CVE-2011-2704 Missing length checks in the processing of OGC filter encoding that can lead to stack-based buffer overflows and the execution of arbitrary code.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2011-2703
CVE-2011-2704
DSA-2285-1
Platform(s):Debian GNU/kFreeBSD 6.0
Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Product(s):mapserver
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Installed architecture is all
  • AND mapserver DPKG is earlier than 5.0.3-3+lenny7
  • OR Release section
  • Debian 6.0 is installed
  • AND GNU/Linux or GNU/kFreeBSD kernel
  • Debian GNU/Linux is installed
  • OR Debian GNU/kFreeBSD is installed
  • AND Installed architecture is all
  • AND mapserver DPKG is earlier than 5.6.5-2+squeeze2
  • BACK