CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29094 – ArcGIS Server image service and raster analytics security update: buffer overflow
https://notcve.org/view.php?id=CVE-2021-29094
Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account. Múltiples vulnerabilidades de desbordamiento de búfer cuando se analiza un archivo especialmente diseñado en Esri ArcGIS Server versiones 10.8.1 (y anteriores), permiten a un atacante autenticado con permisos especializados lograr una ejecución de código arbitrario en el contexto de la cuenta de servicio • https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29093 – ArcGIS Server image service and raster analytics security update: use-after-free
https://notcve.org/view.php?id=CVE-2021-29093
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account. Una vulnerabilidad de uso de la memoria previamente liberada cuando se analiza un archivo especialmente diseñado en Esri ArcGIS Server versiones 10.8.1 (y anteriores), permite a un atacante autenticado con permisos especializados lograr una ejecución de código arbitrario en el contexto de la cuenta de servicio • https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29096 – ArcGIS general raster security update: use-after-free
https://notcve.org/view.php?id=CVE-2021-29096
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Una vulnerabilidad de uso de la memoria previamente liberada cuando se analiza un archivo especialmente diseñado en Esri ArcReader, ArcGIS Desktop, ArcGIS Engine versiones 10.8.1 (y anteriores) y ArcGIS Pro versiones 2.7 (y anteriores), permite a un atacante no autenticado lograr una ejecución de código arbitrario en el contexto de el usuario actual This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF files. Crafted data in a PMF file can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.esri.com/arcgis-blog/products/arcgis/administration/security-advisory-general-raster https://www.zerodayinitiative.com/advisories/ZDI-21-370 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-35712
https://notcve.org/view.php?id=CVE-2020-35712
Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations. Esri ArcGIS Server versiones anteriores a 10.8, es susceptible a una vulnerabilidad de tipo SSRF en algunas configuraciones • https://support.esri.com/en/bugs/nimbus/QlVHLTAwMDEyODA2MA== https://support.esri.com/en/technical-article/000022931 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16193
https://notcve.org/view.php?id=CVE-2019-16193
In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting (XFS) attack through the EDIT MY PROFILE feature. En ArcGIS Enterprise versión 10.6.1, un elemento IFRAME diseñado puede ser usado para desencadenar un ataque Cross Frame Scripting (XFS) por medio de la funcionalidad EDIT MY PROFILE. • https://www.facebook.com/Huang.YuHsiang.Phone/posts/1795457353931689 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •