CVE-2005-1394

Опубликовано: 03 мая 2005

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to (1) wservice or (2) lockmgr.

Ссылки

http://marc.info/?l=full-disclosure&m=111489411524630&w=2
Mailing List
Third Party Advisory
http://secunia.com/advisories/15196
Broken Link
http://securitytracker.com/id?1013852
Broken Link
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015
Vendor Advisory
http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt
Patch
Third Party Advisory
http://marc.info/?l=full-disclosure&m=111489411524630&w=2
Mailing List
Third Party Advisory
http://secunia.com/advisories/15196
Broken Link
http://securitytracker.com/id?1013852
Broken Link
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015
Vendor Advisory
http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:esri:arcinfo_workstation:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00697

Низкий

7.2 High

CVSS2

Дефекты

CWE-134

Связанные уязвимости

GHSA-fcmj-qrc7-5x9g

github

почти 4 года назад