CVE-2005-1393
Summary
| CVE | CVE-2005-1393 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-05-03 04:00:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery. |
Risk And Classification
Primary CVSS: v2.0 4.6 from [email protected]
AV:L/AC:L/Au:N/C:P/I:P/A:P
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:L/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Esri | Arcinfo Workstation | 9.0 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Secunia - Advisories - ArcInfo Workstation Format String and Buffer Overflow Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| ArcGIS Buffer Overflows and Format String Errors Let Local Users Gain Root Privilegges - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | |
| Patches and Service Packs - ESRI Support | af854a3a-2127-422b-91ae-364da2661108 | support.esri.com | |
| www.digitalmunition.com/DMA%5B2005-0425a%5D.txt | af854a3a-2127-422b-91ae-364da2661108 | www.digitalmunition.com | Exploit, Patch |
| marc.info | af854a3a-2127-422b-91ae-364da2661108 | marc.info | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.