cbcvebase.
CVE-2011-2975
published 2011-08-01

CVE-2011-2975: Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service…

PriorityP431medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
4.60%
90.5th percentile
Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.

Affected

33 ranges· showing 25
VendorProductVersion rangeFixed in
debianmapserver< mapserver 6.0.1-1 (bookworm)mapserver 6.0.1-1 (bookworm)
osgeomapserver<= 6.0.0
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver
osgeomapserver>= 0 < 6.0.1-16.0.1-1
osgeomapserver>= 0 < 6.0.1-16.0.1-1
osgeomapserver>= 0 < 6.0.1-16.0.1-1
osgeomapserver>= 0 < 6.0.1-16.0.1-1

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.