Red Hat Bugzilla – Bug 272081
CVE-2007-4629 Buffer overflow via long strings passed to mapserver
Last modified: 2007-11-30 17:12:14 EST
Buffer overflow in the processLine funtion in maptemplate.c in
MapServer before 4.10.3 allows attackers to cause a denial of service
and possibly execute arbitrary code via a mapfile with a long layer
name, group name, or metadata entry name.
The fix for this was commited together with fox for bug #256561 and update is
about to be pushed to stable.
mapserver-4.10.3-2.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.