Buffer Overflow Vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0
CVE-2005-1393

Currently unrated

Key Information:

Vendor: Esri
Status: Arcinfo Workstation
Vendor: CVE Published:; 3 May 2005

What is CVE-2005-1393?

Multiple buffer overflow vulnerabilities in ArcGIS for ESRI ArcInfo Workstation 9.0 enable local users to execute arbitrary code. This occurs through excessively long command line arguments passed to various components, specifically asmaster, asuser, asutility, se, and asrecovery. Exploiting this flaw can lead to unauthorized actions and potential system compromise.

References

http://marc.info/?l=full-disclosure&m=111489411524630&w=2

mailing-listx_refsource_FULLDISC

http://support.esri.com/index.cfm?fa=downloads.patchesSer...

x_refsource_CONFIRM

http://secunia.com/advisories/15196

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
May 3, 2005
Vulnerability Reserved
May 2, 2005

Esri

What is CVE-2005-1393?

References

Timeline