CVE-2007-1770
CVE-2007-1770
10.0
CriticalPublished:
Last updated:
Source:cve@mitre.org
Modified
Weakness (CWE)
CVSS Vector
v2.0- Attack Vector
- Network
- Attack Complexity
- Low
- Authentication
- None
- Confidentiality
- Complete
- Integrity
- Complete
- Availability
- Complete
Description
Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.
References
cve@mitre.org
http://secunia.com/advisories/24639cve@mitre.org
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260cve@mitre.org
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261cve@mitre.org
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262cve@mitre.org
http://www.securityfocus.com/bid/23175cve@mitre.org
http://www.securitytracker.com/id?1017874cve@mitre.org
http://www.vupen.com/english/advisories/2007/1140af854a3a-2127-422b-91ae-364da2661108
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/24639af854a3a-2127-422b-91ae-364da2661108
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260af854a3a-2127-422b-91ae-364da2661108
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261af854a3a-2127-422b-91ae-364da2661108
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/23175af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1017874af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/1140af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/33282af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/33457