CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-1770

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.315

EPSS Ranking 96.6%

CVSS Severity

CVSS v2 Score 10.0

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507
http://secunia.com/advisories/24639
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262
http://www.securityfocus.com/bid/23175
http://www.securitytracker.com/id?1017874
http://www.vupen.com/english/advisories/2007/1140
https://exchange.xforce.ibmcloud.com/vulnerabilities/33282
https://exchange.xforce.ibmcloud.com/vulnerabilities/33457
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507
http://secunia.com/advisories/24639
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262
http://www.securityfocus.com/bid/23175
http://www.securitytracker.com/id?1017874
http://www.vupen.com/english/advisories/2007/1140
https://exchange.xforce.ibmcloud.com/vulnerabilities/33282
https://exchange.xforce.ibmcloud.com/vulnerabilities/33457

Products affected by CVE-2007-1770

Esri » Arcsde » Version: 8.3

cpe:2.3:a:esri:arcsde:8.3
Esri » Arcsde » Version: 9.0

cpe:2.3:a:esri:arcsde:9.0
Esri » Arcsde » Version: 9.1

cpe:2.3:a:esri:arcsde:9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1770

Products

Pricing

Contact Us