Security Advisory

CVE-2009-0842

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-03-31 18:00:00

Last updated 2024-08-07 04:48:52

Assigner mitre

State PUBLISHED

Description

mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map symlink.

← Browse all CVEs View on cve.org ↗