CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-1394

Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to (1) wservice or (2) lockmgr.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.9%

CVSS Severity

CVSS v2 Score 7.2

References

http://marc.info/?l=full-disclosure&m=111489411524630&w=2
http://secunia.com/advisories/15196
http://securitytracker.com/id?1013852
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015
http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt
http://marc.info/?l=full-disclosure&m=111489411524630&w=2
http://secunia.com/advisories/15196
http://securitytracker.com/id?1013852
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015
http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt

Products affected by CVE-2005-1394

Esri » Arcinfo Workstation » Version: 9.0

cpe:2.3:a:esri:arcinfo_workstation:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1394

Products

Pricing

Contact Us