CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29112 – Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-29112
31 Jan 2022 — An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allow an unauthenticated attacker to induce an information disclosure issue in the context of the current user. Se presenta una vulnerabilidad de lectura fuera de límites cuando es analizado un archivo especialmente diseñado en Esri ArcReader versiones 10.8.1 (y anteriores) que permite a un atacante no autenticado inducir un problema de divulgación de información en el contexto del u... • https://www.esri.com/arcgis-blog/products/arcgis-desktop/administration/arcreader-general-data-frame-security-update • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29117 – arcreader use-after-free
https://notcve.org/view.php?id=CVE-2021-29117
31 Jan 2022 — A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Una vulnerabilidad de uso de memoria previamente liberada cuando es analizado un archivo especialmente diseñado en Esri ArcReader versiones 10.8.1 (y anteriores) permite a un atacante no autenticado lograr la ejecución de código arbitrario en el contexto del usuario actual. This vulnerability all... • https://www.esri.com/arcgis-blog/products/arcgis-desktop/administration/arcreader-general-data-frame-security-update • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29118 – Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-29118
31 Jan 2022 — An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allow an unauthenticated attacker to induce an information disclosure issue in the context of the current user. Se presenta una vulnerabilidad de lectura fuera de límites cuando es analizado un archivo especialmente diseñado en Esri ArcReader versiones 10.8.1 (y anteriores) que permite a un atacante no autenticado inducir un problema de divulgación de información en el contexto del u... • https://www.esri.com/arcgis-blog/products/arcgis-desktop/administration/arcreader-general-data-frame-security-update • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29098 – ArcGIS general raster security update: uninitialized pointer
https://notcve.org/view.php?id=CVE-2021-29098
25 Mar 2021 — Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Múltiples vulnerabilidades de puntero no inicializado cuando se analiza un archivo especialmente diseñado en Esri ArcReader, ArcGIS Desktop, ArcGIS Engine versiones 10.8.1 (y anteriores) y ArcGIS Pro versiones 2.7 (y a... • https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29097 – ArcGIS general raster security update: buffer overflow
https://notcve.org/view.php?id=CVE-2021-29097
25 Mar 2021 — Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Múltiples vulnerabilidades de desbordamiento de búfer cuando se analiza un archivo especialmente diseñado en Esri ArcReader, ArcGIS Desktop, ArcGIS Engine versiones 10.8.1 (y anteriores) y ArcGIS Pro versiones 2.7 (y anterio... • https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29096 – ArcGIS general raster security update: use-after-free
https://notcve.org/view.php?id=CVE-2021-29096
25 Mar 2021 — A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Una vulnerabilidad de uso de la memoria previamente liberada cuando se analiza un archivo especialmente diseñado en Esri ArcReader, ArcGIS Desktop, ArcGIS Engine versiones 10.8.1 (y anteriores) y ArcGIS Pro versiones 2.7 (y anteriore... • https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster • CWE-416: Use After Free •