PT-2009-2694 · Geoserver · Geoserver

Publicado

2009-09-14

Atualizado

2022-05-17

CVE-2008-7227

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions GeoServer versions prior to 1.6.1 GeoServer versions prior to 1.7.0-beta1

Description The issue is related to the PartialBufferOutputStream2 in GeoServer, which attempts to flush buffer contents even when handling an "in memory buffer." This prevents the reporting of a service exception. The impact and attack vectors of this issue are unknown. However, it has been noted that the effects of the bug would only give the caller an incomplete view of data which they would be authorized to see.

Recommendations For GeoServer versions prior to 1.6.1, update to version 1.6.1 or later. For GeoServer versions prior to 1.7.0-beta1, update to version 1.7.0-beta1 or later.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2008-7227

GHSA-8HMH-MHQV-7638

Produtos afetados

Geoserver

PT-2009-2694 · Geoserver · Geoserver

CVE-2008-7227

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7