10

CVE-2007-1770

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EsriArcsde Version8.3 Update-
EsriArcsde Version8.3 Updatesp1
EsriArcsde Version9.0 Update-
EsriArcsde Version9.0 Updatesp1
EsriArcsde Version9.0 Updatesp2
EsriArcsde Version9.1 Update-
EsriArcsde Version9.1 Updatesp1
EsriArcsde Version9.1 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 16.71% 0.966
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507
Broken Link
http://secunia.com/advisories/24639
Broken Link
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260
Vendor Advisory
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261
Vendor Advisory
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262
Vendor Advisory
http://www.securityfocus.com/bid/23175
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1017874
Third Party Advisory
Broken Link
VDB Entry
http://www.vupen.com/english/advisories/2007/1140
Third Party Advisory
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/33282
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/33457
Third Party Advisory
VDB Entry