Lucene search

[email protected]CVE-2007-1770

HistoryMar 30, 2007 - 1:19 a.m.

CVE-2007-1770

2007-03-3001:19:00

[email protected]

web.nvd.nist.gov

buffer overflow

arcsde

giomgr

environmental systems research institute

esri

arcgis

cve-2007-1770

denial of service

remote code execution

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.171 Low

EPSS

Percentile

96.1%

JSON

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.

Affected configurations

NVD

Node

esriarcgisRange≤9.2sp1

CPENameOperatorVersion
esri:arcgisesri arcgisle9.2

CPE	Name	Operator	Version
esri:arcgis	esri arcgis	le	9.2

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=507

secunia.com/advisories/24639

support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260

support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261

support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262

www.securityfocus.com/bid/23175

www.securitytracker.com/id?1017874

www.vupen.com/english/advisories/2007/1140

exchange.xforce.ibmcloud.com/vulnerabilities/33282

exchange.xforce.ibmcloud.com/vulnerabilities/33457

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

High

0.171 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2007-1770

prion1 nvd1 securityvulns1 cvelist1