Vulnerabilities > CVE-2007-1770 - Stack Buffer Overflow vulnerability in ESRI ArcSDE Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=507
- http://secunia.com/advisories/24639
- http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1260
- http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1261
- http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=19&MetaID=1262
- http://www.securityfocus.com/bid/23175
- http://www.securitytracker.com/id?1017874
- http://www.vupen.com/english/advisories/2007/1140
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33282
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33457