{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2011-07-13T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-28T12:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"45318","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/45318"},{"tags":["x_refsource_CONFIRM"],"url":"http://trac.osgeo.org/mapserver/ticket/3903"},{"name":"[oss-security] 20110719 CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2011/07/19/11"},{"name":"45257","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/45257"},{"name":"DSA-2285","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2011/dsa-2285"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=723293"},{"name":"[oss-security] 20110719 CVE Request -- MapServer -- Stack based buffer overflow [was: Re: Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.]","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2011/07/19/14"},{"name":"45368","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/45368"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=722545"},{"name":"[mapserver-users] 20110713 MapServer 6.0.1, 5.6.7 and 4.10.7 releases with security fixes","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.osgeo.org/pipermail/mapserver-users/2011-July/069430.html"},{"name":"mapserver-multiple-sql-injection(68682)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68682"},{"name":"48720","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/48720"},{"name":"[oss-security] 20110720 Re: CVE Request -- MapServer -- Stack based buffer overflow [was: Re: Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.]","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2011/07/20/15"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T23:08:23.731Z"},"title":"CVE Program Container","references":[{"name":"45318","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/45318"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://trac.osgeo.org/mapserver/ticket/3903"},{"name":"[oss-security] 20110719 CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2011/07/19/11"},{"name":"45257","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/45257"},{"name":"DSA-2285","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2011/dsa-2285"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=723293"},{"name":"[oss-security] 20110719 CVE Request -- MapServer -- Stack based buffer overflow [was: Re: Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.]","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2011/07/19/14"},{"name":"45368","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/45368"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=722545"},{"name":"[mapserver-users] 20110713 MapServer 6.0.1, 5.6.7 and 4.10.7 releases with security fixes","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.osgeo.org/pipermail/mapserver-users/2011-July/069430.html"},{"name":"mapserver-multiple-sql-injection(68682)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68682"},{"name":"48720","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/48720"},{"name":"[oss-security] 20110720 Re: CVE Request -- MapServer -- Stack based buffer overflow [was: Re: Re: CVE Request -- MapServer -- SQL injections in OGC filter encoding and in WMS time support.]","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2011/07/20/15"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2011-2703","datePublished":"2011-08-01T19:00:00.000Z","dateReserved":"2011-07-11T00:00:00.000Z","dateUpdated":"2024-08-06T23:08:23.731Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}