MapServer Remote Code Execution Vulnerability via WFS Get Feature Requests

MapServer Remote Code Execution Vulnerability via WFS Get Feature Requests

CVE-2017-5522 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests.

Learn more about our Cis Benchmark Audit For Server Software.