CVE-2007-1770

Sažetak

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507
http://secunia.com/advisories/24639
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262
http://www.securityfocus.com/bid/23175
http://www.securitytracker.com/id?1017874
http://www.vupen.com/english/advisories/2007/1140
https://exchange.xforce.ibmcloud.com/vulnerabilities/33282
https://exchange.xforce.ibmcloud.com/vulnerabilities/33457

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-07-2017 - 01:30

Objavljeno

30-03-2007 - 01:19