Vulnerabilities > CVE-2011-2975 - Resource Management Errors vulnerability in multiple products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

umn

osgeo

CWE-399

exploit available

NVD

Published: 2011-08-01

Updated: 2024-11-21

Summary

Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.

Vulnerable Configurations

Part	Description	Count
Application	Umn UMN Mapserver 5.6.4 UMN Mapserver 6.0.0 UMN Mapserver 5.2.2 UMN Mapserver 5.6.5 UMN Mapserver 5.6.7 UMN Mapserver 4.10.7 UMN Mapserver 5.6.6 UMN Mapserver 5.2.3	16
Application	Osgeo Osgeo Mapserver 4.2.0 Osgeo Mapserver 4.4.0 Osgeo Mapserver 4.6.0 Osgeo Mapserver 4.8.0 Osgeo Mapserver 4.10.0 Osgeo Mapserver 4.10.4 Osgeo Mapserver 4.10.2 Osgeo Mapserver 4.10.1 Osgeo Mapserver 4.10.3 Osgeo Mapserver 4.10.5 Osgeo Mapserver 5.0.0 Osgeo Mapserver 5.2.0 Osgeo Mapserver 5.2.1 Osgeo Mapserver 5.4.0 Osgeo Mapserver 5.4.2 Osgeo Mapserver 5.4.1 Osgeo Mapserver 5.6.0 Osgeo Mapserver 5.6.1 Osgeo Mapserver 5.6.3 Osgeo Mapserver 4.2.1 Osgeo Mapserver 4.2.2 Osgeo Mapserver 4.2.3 Osgeo Mapserver 4.2.4 Osgeo Mapserver 4.2.5 Osgeo Mapserver 4.4.1 Osgeo Mapserver 4.4.2 Osgeo Mapserver 4.6.1 Osgeo Mapserver 4.6.2 Osgeo Mapserver 4.8.1 Osgeo Mapserver 4.8.2 Osgeo Mapserver 4.8.3 Osgeo Mapserver 4.8.4 Osgeo Mapserver 5.2 Osgeo Mapserver 5.4 Osgeo Mapserver 5.6.2 Osgeo Mapserver 5.6.4 Osgeo Mapserver 5.6.5 Osgeo Mapserver 5.6.6 Osgeo Mapserver 5.6.7 Osgeo Mapserver 5.6.8 Osgeo Mapserver 5.6.9 Osgeo Mapserver 6.0.0	101

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	MapServer 6.0 Map File Double Free Remote Denial of Service Vulnerability. CVE-2011-2975. Dos exploit for windows platform
id	EDB-ID:36092
last seen	2016-02-04
modified	2011-08-30
published	2011-08-30
reporter	rouault
source	https://www.exploit-db.com/download/36092/
title	MapServer <= 6.0 Map File Double Free Remote Denial of Service Vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References