Описание
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.
Уязвимые конфигурации
Конфигурация 1Версия до 10.8.1 (включая)
cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.0036
Низкий
6.4 Medium
CVSS3
6.8 Medium
CVSS3
6 Medium
CVSS2
Дефекты
CWE-824
CWE-824
Связанные уязвимости
CVSS3: 6.8
github
больше 3 лет назад
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.
EPSS
Процентиль: 58%
0.0036
Низкий
6.4 Medium
CVSS3
6.8 Medium
CVSS3
6 Medium
CVSS2
Дефекты
CWE-824
CWE-824