Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving WFS get feature requests.
{ "vanir_signatures": [ { "id": "CVE-2017-5522-1b5eddec", "signature_type": "Function", "digest": { "function_hash": "78958092480897395008745378951998339160", "length": 1853.0 }, "target": { "file": "mapogcfiltercommon.c", "function": "FLTGetIsLikeComparisonCommonExpression" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/mapserver/mapserver/commit/e52a436c0e1c5e9f7ef13428dba83194a800f4df" }, { "id": "CVE-2017-5522-773d9de8", "signature_type": "Line", "digest": { "line_hashes": [ "134725315701098322164442788430346890063", "30343050412733377884150706812979781181", "1738462496375633196784044549106424378", "75265047102005152013675957596411721348" ], "threshold": 0.9 }, "target": { "file": "mapogcfiltercommon.c" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/mapserver/mapserver/commit/e52a436c0e1c5e9f7ef13428dba83194a800f4df" }, { "id": "CVE-2017-5522-8388f5e9", "signature_type": "Function", "digest": { "function_hash": "179232170287543485425012009100138400529", "length": 1853.0 }, "target": { "file": "mapogcfilter.c", "function": "FLTGetIsLikeComparisonExpression" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/mapserver/mapserver/commit/e52a436c0e1c5e9f7ef13428dba83194a800f4df" }, { "id": "CVE-2017-5522-91ce951d", "signature_type": "Line", "digest": { "line_hashes": [ "134725315701098322164442788430346890063", "30343050412733377884150706812979781181", "148764181183899427865026982802881782215", "106135687746595787786735168921839244016" ], "threshold": 0.9 }, "target": { "file": "mapogcfilter.c" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/mapserver/mapserver/commit/e52a436c0e1c5e9f7ef13428dba83194a800f4df" } ] }