← back
CVE-2005-1394

CVE-2005-1394

EPSS 0.8%
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to (1) wservice or (2) lockmgr.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=full-disclosure&m=111489411524630&w=2http://secunia.com/advisories/15196http://securitytracker.com/id?1013852http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt