CVE-2005-1394

2005-05-0204:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to (1) wservice or (2) lockmgr.

References

marc.info/?l=full-disclosure&m=111489411524630&w=2

secunia.com/advisories/15196

securitytracker.com/id?1013852

support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015

www.digitalmunition.com/DMA%5B2005-0425a%5D.txt