CVE-2021-29096

The CVE-2021-29096 issue affects Esri ArcReader, ArcGIS Desktop/Engine (10.8.1 and earlier) and ArcGIS Pro (2.7 and earlier). It is a use-after-free in PMF file parsing that allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. In the described...

PT-2021-18084 · Esri · Arcgis Desktop +3

Name of the Vulnerable Software and Affected Versions: Esri ArcReader versions 10.8.1 and earlier ArcGIS Desktop versions 10.8.1 and earlier ArcGIS Engine versions 10.8.1 and earlier ArcGIS Pro versions 2.7 and earlier Description: A use-after-free vulnerability occurs when parsing a specially...

PT-2021-18086 · Esri · Arcgis Desktop +3

Name of the Vulnerable Software and Affected Versions: Esri ArcReader versions 10.8.1 and earlier ArcGIS Desktop versions 10.8.1 and earlier ArcGIS Engine versions 10.8.1 and earlier ArcGIS Pro versions 2.7 and earlier Description: The issue arises from multiple uninitialized pointer...

Esri 多款产品缓冲区错误漏洞

ESRI ArcGIS Enterprise and others are products of Environmental Systems Research Institute ESRI, Inc.ArcGIS Enterprise is a GIS Geographic Information System base software system.Esri Arcgis Server is a Web-oriented enterprise software platform that can be used to provide geolocation services. Es...

Esri ArcReader 资源管理错误漏洞

Esri ArcReader is an application from Esri, USA. A free, easy-to-use desktop mapping application. A security vulnerability exists in Esri ArcReader that allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. No details of the vulnerability are...