Vulnerabilities > CVE-2011-2975 - Resource Management Errors vulnerability in multiple products

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
osgeo
umn
CWE-399
exploit available
NVD
Published: 2011-08-01
Updated: 2021-06-07

Summary

Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.

Vulnerable Configurations

Part Description Count
Application
Osgeo
101
Application
Umn
16

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionMapServer 6.0 Map File Double Free Remote Denial of Service Vulnerability. CVE-2011-2975. Dos exploit for windows platform
idEDB-ID:36092
last seen2016-02-04
modified2011-08-30
published2011-08-30
reporterrouault
sourcehttps://www.exploit-db.com/download/36092/
titleMapServer <= 6.0 Map File Double Free Remote Denial of Service Vulnerability

References