Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.
References
Link | Resource |
---|---|
https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/security-advisory-server-image | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Esri
Published: 2021-03-16T00:00:00
Updated: 2021-03-25T20:34:59
Reserved: 2021-03-23T00:00:00
Link: CVE-2021-29095
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-25T21:15:13.357
Modified: 2024-02-23T19:38:04.767
Link: CVE-2021-29095
JSON object: View
Redhat Information
No data.
CWE