CVEブラウザに戻る

CVE-2007-1770

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0500%

EPSS Percentile31.92th

Published2007年3月30日

Last Modified2026年4月23日

Vulnerability Description

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.

Affected Platforms (CPE)

📦

Esri

Arcsde

= 8.3

📦

Esri

Arcsde

= 8.3

📦

Esri

Arcsde

= 9.0

📦

Esri

Arcsde

= 9.0

📦

Esri

Arcsde

= 9.0

📦

Esri

Arcsde

= 9.1

📦

Esri

Arcsde

= 9.1

📦

Esri

Arcsde

= 9.1

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507

🔗 http://secunia.com/advisories/24639

🔗 http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260

🔗 http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261

🔗 http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262

🔗 http://www.securityfocus.com/bid/23175

🔗 http://www.securitytracker.com/id?1017874

🔗 http://www.vupen.com/english/advisories/2007/1140

関連する脆弱性情報

CVE-2007-42787.5

Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to caus...

CVE-2007-010010.0

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows r...

CVE-2007-005710.0

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a sh...

CVE-2007-011710.0

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) fil...