Vulnerabilities

CVE-2009-0843

by Fred · 31/03/2009

The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this pathname exists.

Date published : 2009-03-31

http://www.securityfocus.com/bid/34306

http://www.securityfocus.com/archive/1/502271/100/0/threaded

Similar

Tags: Cybersecurity Alert