MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD (Styled Layer Descriptor) parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with more than 100 Threshold elements inside a ColorMap/Categorize structure (commonly reachable via WMS GetMap with SLD_BODY). Version 8.6.1 patches the issue.
7.0.0-4build1, 7.0.0-5ubuntu1, 7.0.0-7, 7.0.0-8, 7.0.0-8build1, 7.0.0-9, 7.0.0-9ubuntu1, 7.0.0-9ubuntu2, 7.0.0-9ubuntu3, 7.0.0-9ubuntu3.1, 7.0.6-2build1, 7.0.7-1, 7.0.7-1build1, 7.0.7-1build2, 7.4.1-1build1, 7.4.1-1build3, 7.4.2-1, 7.4.2-1build1, 7.4.3-1, 7.4.3-1build2, 7.4.3-2, 7.4.3-2build1, 7.6.3-1~exp1ubuntu1, 7.6.4-2, 7.6.4-2build2, 8.0.1-2build1, 8.0.1-2build2, 8.0.1-2build3, 8.0.1-2build5, 8.0.1-4ubuntu1, 8.0.1-4ubuntu2, 8.4.0-1build1, 8.4.0-4, 8.4.0-4build1

Exploitability: AV:N, AC:L, PR:N, UI:N
Scope: S:U
Impact: C:N, I:N, A:H
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
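
A request pre-filter for deployments that cannot yet move to 8.6.1, added here as an example and not taken from the advisory or the MapServer project: it counts Threshold elements under each Categorize in a GetMap SLD_BODY and blocks requests above the 100-element limit described above. The function names, the gis.example URL and the choice to block malformed or DOCTYPE-bearing bodies are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import parse_qsl, quote, urlsplit

MAX_THRESHOLDS = 100  # count above which the advisory says the overflow occurs


def _local(tag: str) -> str:
    """Strip the XML namespace so se:Threshold and Threshold both match."""
    return tag.rsplit("}", 1)[-1]


def max_thresholds(sld_xml: str) -> int:
    """Largest number of Threshold elements under any single Categorize."""
    root = ET.fromstring(sld_xml)
    counts = [
        sum(1 for d in cat.iter() if _local(d.tag) == "Threshold")
        for cat in root.iter()
        if _local(cat.tag) == "Categorize"
    ]
    return max(counts, default=0)


def screen_request(url: str) -> str:
    """Return 'allow' or 'block' for one WMS request URL."""
    # WMS parameter names are case-insensitive, so normalise them.
    params = {k.upper(): v for k, v in parse_qsl(urlsplit(url).query)}
    sld = params.get("SLD_BODY")
    if sld is None:
        return "allow"
    if "<!DOCTYPE" in sld.upper():
        return "block"  # assumption: an SLD needs no DTD, so refuse to parse it
    try:
        return "block" if max_thresholds(sld) > MAX_THRESHOLDS else "allow"
    except ET.ParseError:
        return "block"  # assumption: fail closed on malformed XML


def sample_url(n: int) -> str:
    """Constructed test input: a bare Categorize fragment with n Thresholds."""
    body = ('<se:ColorMap xmlns:se="http://www.opengis.net/se"><se:Categorize>'
            + "<se:Threshold>1</se:Threshold>" * n
            + "</se:Categorize></se:ColorMap>")
    return ("http://gis.example/wms?SERVICE=WMS&REQUEST=GetMap&sld_body="
            + quote(body))
```

The filter inspects only SLD_BODY in the query string, so an SLD that reaches MapServer another way is not covered.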