|
|
Log in / Subscribe / Register

mapserver: command execution

Package(s):mapserver CVE #(s):CVE-2013-7262
Created:March 9, 2015 Updated:March 20, 2015
Description: From the CVE entry:

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter

Alerts:
Fedora FEDORA-2014-17559 mapserver 2015-03-19
Fedora FEDORA-2014-17567 mapserver 2015-03-19
Mageia MGASA-2015-0097 mapserver 2015-03-06
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds