First published: Thu Dec 08 2016(Updated: )
In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MapServer | <=7.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-9839 is considered to have a medium severity due to potential information leakage.
To fix CVE-2016-9839, upgrade MapServer to version 7.0.3 or later.
CVE-2016-9839 addresses vulnerabilities related to verbose error messages that can leak sensitive information.
CVE-2016-9839 affects MapServer versions prior to 7.0.3.
No, CVE-2016-9839 is not a risk in MapServer versions 7.0.3 and later.