CVE-2009-0841 (mapserver) [Sitemap] - HeapOverflow Computer Security Community & Forums : Heap Overflow.com
PDA

View Full Version : CVE-2009-0841 (mapserver)

Heap
02-04-09, 03:09
Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0841)