CVE Vulnerability

CVE-2007-1770

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262
http://secunia.com/advisories/24639 Vendor Advisory
http://www.securityfocus.com/bid/23175
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507
http://www.securitytracker.com/id?1017874
http://www.vupen.com/english/advisories/2007/1140
https://exchange.xforce.ibmcloud.com/vulnerabilities/33457
https://exchange.xforce.ibmcloud.com/vulnerabilities/33282
Configurations

Configuration 1

cpe:2.3:a:esri:arcgis:*:*:sp1:*:*:*:*:*
Information

Published : 2007-03-30 01:19

Updated : 2017-07-29 01:30

NVD link : CVE-2007-1770

Mitre link : CVE-2007-1770

Products Affected
No products.
CWE
NVD-CWE-Other