Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.
References
Configurations
History
21 Nov 2024, 06:00
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-imageĀ - Vendor Advisory |
23 Feb 2024, 19:38
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:* | |
First Time |
Esri arcgis Server
|
Information
Published : 2021-03-25 21:15
Updated : 2024-11-21 06:00
NVD link : CVE-2021-29095
Mitre link : CVE-2021-29095
CVE.ORG link : CVE-2021-29095
JSON object : View
Products Affected
esri
- arcgis_server
CWE
CWE-824
Access of Uninitialized Pointer