Lucene search
K
EsriArcmap

4 matches found

CVE
CVE
added 2012/07/12 9:0 p.m.70 views

CVE-2012-1661

ESRI ArcMap 9 and ArcGIS Desktop 10.0.2.3200 and earlier are affected by a flaw that does not properly prompt before executing embedded VBA macros in map files (.mxd), allowing user‑assisted remote code execution. Root cause: VBA macro execution is not prompting the user. Affected products/versio...

9.3CVSS7.4AI score0.23833EPSS
CVE
CVE
added 2021/03/25 8:37 p.m.69 views

CVE-2021-29098

VULNERABILITY SUMMARY: CVE-2021-29098 affects Esri ArcReader and related Esri products (ArcReader, ArcGIS Desktop/Engine 10.8.1 and earlier, ArcGIS Pro 2.7 and earlier). Root cause: parsing of PMF files yields an uninitialized pointer access, enabling arbitrary code execution in the context of th...

7.8CVSS7.9AI score0.01952EPSS
CVE
CVE
added 2021/03/25 8:36 p.m.67 views

CVE-2021-29097

CVE-2021-29097 corresponds to Esri ArcReader/ArcGIS PMF file parsing vulnerabilities that allow remote code execution via buffer overflow in the PMF parsing logic. The connected ZDI advisories describe heap- and stack-based buffer overflow variants (PMF parsing) that enable code execution in the ...

7.8CVSS8AI score0.02412EPSS
CVE
CVE
added 2021/03/25 6:37 p.m.52 views

CVE-2021-29096

The CVE-2021-29096 issue affects Esri ArcReader, ArcGIS Desktop/Engine (10.8.1 and earlier) and ArcGIS Pro (2.7 and earlier). It is a use-after-free in PMF file parsing that allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. In the described...

7.8CVSS7.9AI score0.01522EPSS