What is the severity of CVE-2010-2539?

CVE-2010-2539 is classified as a high severity vulnerability due to its potential for denial of service attacks.

How do I fix CVE-2010-2539?

To mitigate CVE-2010-2539, upgrade to MapServer version 4.10.6 or 5.6.4 or later, which contain the patch for this vulnerability.

Who is affected by CVE-2010-2539?

CVE-2010-2539 affects various versions of MapServer, specifically versions prior to 4.10.6 and 5.x before 5.6.4.

What types of attacks can exploit CVE-2010-2539?

CVE-2010-2539 can be exploited by local users to cause a denial of service through crafting specific temporary file names.

Is CVE-2010-2539 a known vulnerability?

Yes, CVE-2010-2539 is a known and documented vulnerability that has been reported in historical security assessments.

Vulnerability/
CVE-2010-2539

low

2.1

CWE

119

22/7/2010

2/8/2010

7/8/2024

CVE-2010-2539: Buffer Overflow

First published: Thu Jul 22 2010(Updated: )

Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows local users to cause a denial of service via vectors involving names of temporary files.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
MapServer	=4.0
MapServer	=4.2.0-beta1
MapServer	=4.4.0-beta1
MapServer	=4.4.0-beta2
MapServer	=4.6.0-beta1
MapServer	=4.6.0-beta2
MapServer	=4.6.0-beta3
MapServer	=4.8.0-beta2
MapServer	=4.8.0-beta1
MapServer	=4.8.0-beta3
MapServer	=4.8.0-rc2
MapServer	=4.8.0-rc1
MapServer	=4.10.0
MapServer	=4.10.0-beta1
MapServer	=4.10.0-rc1
MapServer	=4.10.0-beta3
MapServer	=4.10.0-beta2
MapServer	=4.10.4
MapServer	=4.10.2
MapServer	=4.10.1
MapServer	=4.10.3
MapServer	=4.6.0
MapServer	=4.6.0-rc1
MapServer	<=4.10.5
MapServer	=4.4.0
MapServer	=4.4.0-beta3
MapServer	=5.0.0-beta5
MapServer	=5.0.0-beta6
MapServer	=5.0.0-beta3
MapServer	=5.0.0-beta4
MapServer	=5.0.0-beta1
MapServer	=5.0.0-beta2
MapServer	=5.0.0-rc1
MapServer	=5.2.0
MapServer	=5.2.0-beta2
MapServer	=5.2.0-beta1
MapServer	=5.2.0-beta3
MapServer	=5.2.0-beta4
MapServer	=5.2.0-rc1
MapServer	=5.2.1
MapServer	=5.4.0
MapServer	=5.4.0-beta1
MapServer	=5.4.0-beta2
MapServer	=5.4.0-beta4
MapServer	=5.4.0-beta3
MapServer	=5.4.0-rc2
MapServer	=5.4.0-rc1
MapServer	=5.4.2
MapServer	=5.4.1
MapServer	=5.6.0
MapServer	=5.6.1
MapServer	<=5.6.3
MapServer	=5.0.0-rc2
MapServer	=5.0.0

Remedy

http://lists.osgeo.org/pipermail/mapserver-users/2010-July/066052.html

Remedy

http://trac.osgeo.org/mapserver/ticket/3484

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-2539?
CVE-2010-2539 is classified as a high severity vulnerability due to its potential for denial of service attacks.
How do I fix CVE-2010-2539?
To mitigate CVE-2010-2539, upgrade to MapServer version 4.10.6 or 5.6.4 or later, which contain the patch for this vulnerability.
Who is affected by CVE-2010-2539?
CVE-2010-2539 affects various versions of MapServer, specifically versions prior to 4.10.6 and 5.x before 5.6.4.
What types of attacks can exploit CVE-2010-2539?
CVE-2010-2539 can be exploited by local users to cause a denial of service through crafting specific temporary file names.
Is CVE-2010-2539 a known vulnerability?
Yes, CVE-2010-2539 is a known and documented vulnerability that has been reported in historical security assessments.

agent/type
agent/remedy
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/references
agent/description
agent/event
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-2539
agent/trending
agent/source
agent/weakness
agent/tags
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/umn
canonical/mapserver
version/mapserver/4.0
vendor/osgeo
version/mapserver/4.2.0-beta1
version/mapserver/4.4.0-beta1
version/mapserver/4.4.0-beta2
version/mapserver/4.6.0-beta1
version/mapserver/4.6.0-beta2
version/mapserver/4.6.0-beta3
version/mapserver/4.8.0-beta2
version/mapserver/4.8.0-beta1
version/mapserver/4.8.0-beta3
version/mapserver/4.8.0-rc2
version/mapserver/4.8.0-rc1
version/mapserver/4.10.0
version/mapserver/4.10.0-beta1
version/mapserver/4.10.0-rc1
version/mapserver/4.10.0-beta3
version/mapserver/4.10.0-beta2
version/mapserver/4.10.4
version/mapserver/4.10.2
version/mapserver/4.10.1
version/mapserver/4.10.3
version/mapserver/4.6.0
version/mapserver/4.6.0-rc1
version/mapserver/4.10.5
version/mapserver/4.4.0
version/mapserver/4.4.0-beta3
version/mapserver/5.0.0-beta5
version/mapserver/5.0.0-beta6
version/mapserver/5.0.0-beta3
version/mapserver/5.0.0-beta4
version/mapserver/5.0.0-beta1
version/mapserver/5.0.0-beta2
version/mapserver/5.0.0-rc1
version/mapserver/5.2.0
version/mapserver/5.2.0-beta2
version/mapserver/5.2.0-beta1
version/mapserver/5.2.0-beta3
version/mapserver/5.2.0-beta4
version/mapserver/5.2.0-rc1
version/mapserver/5.2.1
version/mapserver/5.4.0
version/mapserver/5.4.0-beta1
version/mapserver/5.4.0-beta2
version/mapserver/5.4.0-beta4
version/mapserver/5.4.0-beta3
version/mapserver/5.4.0-rc2
version/mapserver/5.4.0-rc1
version/mapserver/5.4.2
version/mapserver/5.4.1
version/mapserver/5.6.0
version/mapserver/5.6.1
version/mapserver/5.6.3
version/mapserver/5.0.0-rc2
version/mapserver/5.0.0

CVE-2010-2539: Buffer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-2539?

How do I fix CVE-2010-2539?

Who is affected by CVE-2010-2539?

What types of attacks can exploit CVE-2010-2539?

Is CVE-2010-2539 a known vulnerability?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2010-2539?

How do I fix CVE-2010-2539?

Who is affected by CVE-2010-2539?

What types of attacks can exploit CVE-2010-2539?

Is CVE-2010-2539 a known vulnerability?