Lucene search

[email protected]NVD:CVE-2005-1394

HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1394

2005-05-0304:00:00

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to (1) wservice or (2) lockmgr.

Affected configurations

NVD

Node

esriarcgisMatch9.0

esriarcinfo_workstationMatch9.0

References

marc.info/?l=full-disclosure&m=111489411524630&w=2

secunia.com/advisories/15196

securitytracker.com/id?1013852

support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015

www.digitalmunition.com/DMA%5B2005-0425a%5D.txt

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2005-1394

cve1 cvelist1