Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for arcsde by esri

    CVE-2007-4278 (GCVE-0-2007-4278)

    Vulnerability from nvd – Published: 2007-08-15 22:00 – Updated: 2024-08-07 14:46
    VLAI
    Summary
    Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://downloads.esri.com/support/downloads/other… x_refsource_CONFIRM
    http://secunia.com/advisories/26452 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securitytracker.com/id?1018574 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/2911 vdb-entryx_refsource_VUPEN
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/bid/25334 vdb-entryx_refsource_BID
    Date Public
    2007-08-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:46:39.523Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm"
              },
              {
                "name": "26452",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26452"
              },
              {
                "name": "esri-arcsde-numeric-bo(36042)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36042"
              },
              {
                "name": "1018574",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018574"
              },
              {
                "name": "ADV-2007-2911",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2911"
              },
              {
                "name": "20070815 ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=577"
              },
              {
                "name": "25334",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25334"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm"
            },
            {
              "name": "26452",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26452"
            },
            {
              "name": "esri-arcsde-numeric-bo(36042)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36042"
            },
            {
              "name": "1018574",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018574"
            },
            {
              "name": "ADV-2007-2911",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2911"
            },
            {
              "name": "20070815 ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=577"
            },
            {
              "name": "25334",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25334"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4278",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm"
                },
                {
                  "name": "26452",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26452"
                },
                {
                  "name": "esri-arcsde-numeric-bo(36042)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36042"
                },
                {
                  "name": "1018574",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018574"
                },
                {
                  "name": "ADV-2007-2911",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2911"
                },
                {
                  "name": "20070815 ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=577"
                },
                {
                  "name": "25334",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25334"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4278",
        "datePublished": "2007-08-15T22:00:00.000Z",
        "dateReserved": "2007-08-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:46:39.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1770 (GCVE-0-2007-1770)

    Vulnerability from nvd – Published: 2007-03-30 01:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2007-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:26.434Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017874",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017874"
              },
              {
                "name": "23175",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23175"
              },
              {
                "name": "arcsde-tcpport-bo(33457)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33457"
              },
              {
                "name": "24639",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24639"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1261"
              },
              {
                "name": "arcsde-three-tiered-dos(33282)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33282"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1262"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1260"
              },
              {
                "name": "20070404 ESRI ArcSDE Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507"
              },
              {
                "name": "ADV-2007-1140",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1140"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1017874",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017874"
            },
            {
              "name": "23175",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23175"
            },
            {
              "name": "arcsde-tcpport-bo(33457)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33457"
            },
            {
              "name": "24639",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24639"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1261"
            },
            {
              "name": "arcsde-three-tiered-dos(33282)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33282"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1262"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1260"
            },
            {
              "name": "20070404 ESRI ArcSDE Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507"
            },
            {
              "name": "ADV-2007-1140",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1140"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1770",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1017874",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017874"
                },
                {
                  "name": "23175",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23175"
                },
                {
                  "name": "arcsde-tcpport-bo(33457)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33457"
                },
                {
                  "name": "24639",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24639"
                },
                {
                  "name": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1261",
                  "refsource": "CONFIRM",
                  "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1261"
                },
                {
                  "name": "arcsde-three-tiered-dos(33282)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33282"
                },
                {
                  "name": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1262",
                  "refsource": "CONFIRM",
                  "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1262"
                },
                {
                  "name": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1260",
                  "refsource": "CONFIRM",
                  "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1260"
                },
                {
                  "name": "20070404 ESRI ArcSDE Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507"
                },
                {
                  "name": "ADV-2007-1140",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1140"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1770",
        "datePublished": "2007-03-30T01:00:00.000Z",
        "dateReserved": "2007-03-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:26.434Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4278 (GCVE-0-2007-4278)

    Vulnerability from cvelistv5 – Published: 2007-08-15 22:00 – Updated: 2024-08-07 14:46
    VLAI
    Summary
    Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://downloads.esri.com/support/downloads/other… x_refsource_CONFIRM
    http://secunia.com/advisories/26452 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securitytracker.com/id?1018574 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/2911 vdb-entryx_refsource_VUPEN
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/bid/25334 vdb-entryx_refsource_BID
    Date Public
    2007-08-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:46:39.523Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm"
              },
              {
                "name": "26452",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26452"
              },
              {
                "name": "esri-arcsde-numeric-bo(36042)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36042"
              },
              {
                "name": "1018574",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018574"
              },
              {
                "name": "ADV-2007-2911",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2911"
              },
              {
                "name": "20070815 ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=577"
              },
              {
                "name": "25334",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25334"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm"
            },
            {
              "name": "26452",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26452"
            },
            {
              "name": "esri-arcsde-numeric-bo(36042)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36042"
            },
            {
              "name": "1018574",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018574"
            },
            {
              "name": "ADV-2007-2911",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2911"
            },
            {
              "name": "20070815 ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=577"
            },
            {
              "name": "25334",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25334"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4278",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htm"
                },
                {
                  "name": "26452",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26452"
                },
                {
                  "name": "esri-arcsde-numeric-bo(36042)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36042"
                },
                {
                  "name": "1018574",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018574"
                },
                {
                  "name": "ADV-2007-2911",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2911"
                },
                {
                  "name": "20070815 ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=577"
                },
                {
                  "name": "25334",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25334"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4278",
        "datePublished": "2007-08-15T22:00:00.000Z",
        "dateReserved": "2007-08-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:46:39.523Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1770 (GCVE-0-2007-1770)

    Vulnerability from cvelistv5 – Published: 2007-03-30 01:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2007-03-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:26.434Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017874",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017874"
              },
              {
                "name": "23175",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23175"
              },
              {
                "name": "arcsde-tcpport-bo(33457)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33457"
              },
              {
                "name": "24639",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24639"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1261"
              },
              {
                "name": "arcsde-three-tiered-dos(33282)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33282"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1262"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1260"
              },
              {
                "name": "20070404 ESRI ArcSDE Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507"
              },
              {
                "name": "ADV-2007-1140",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1140"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-03-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1017874",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017874"
            },
            {
              "name": "23175",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23175"
            },
            {
              "name": "arcsde-tcpport-bo(33457)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33457"
            },
            {
              "name": "24639",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24639"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1261"
            },
            {
              "name": "arcsde-three-tiered-dos(33282)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33282"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1262"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1260"
            },
            {
              "name": "20070404 ESRI ArcSDE Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507"
            },
            {
              "name": "ADV-2007-1140",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1140"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1770",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1017874",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017874"
                },
                {
                  "name": "23175",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23175"
                },
                {
                  "name": "arcsde-tcpport-bo(33457)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33457"
                },
                {
                  "name": "24639",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24639"
                },
                {
                  "name": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1261",
                  "refsource": "CONFIRM",
                  "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1261"
                },
                {
                  "name": "arcsde-three-tiered-dos(33282)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33282"
                },
                {
                  "name": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1262",
                  "refsource": "CONFIRM",
                  "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1262"
                },
                {
                  "name": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1260",
                  "refsource": "CONFIRM",
                  "url": "http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch\u0026PID=19\u0026MetaID=1260"
                },
                {
                  "name": "20070404 ESRI ArcSDE Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507"
                },
                {
                  "name": "ADV-2007-1140",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1140"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1770",
        "datePublished": "2007-03-30T01:00:00.000Z",
        "dateReserved": "2007-03-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:26.434Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }