CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-4278

HIGH
7.5
CVSS Severity Score
EPSS Score0.1530%
EPSS Percentile18.04th
Published2007年8月15日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call.

Affected Platforms (CPE)

📦
Esri

Arcsde

= 9.2

References & Advisories

🔗 http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm
🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=577
🔗 http://secunia.com/advisories/26452
🔗 http://securitytracker.com/id?1018574
🔗 http://www.securityfocus.com/bid/25334
🔗 http://www.vupen.com/english/advisories/2007/2911
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/36042
🔗 http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm

相关漏洞威胁

CVE-2007-177010.0

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2...

CVE-2007-005710.0

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a sh...

CVE-2007-010010.0

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows r...

CVE-2007-011710.0

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) fil...