Vulnerabilities > CVE-2021-29117 - Use After Free vulnerability in Esri Arcreader

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
esri
CWE-416
NVD
Published: 2022-08-12
Updated: 2023-11-07

Summary

A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.

Vulnerable Configurations

Part Description Count
Application
Esri
8

Common Weakness Enumeration (CWE)

References