{"api_version":"1","generated_at":"2026-04-23T11:33:38+00:00","cve":"CVE-2005-1393","urls":{"html":"https://cve.report/CVE-2005-1393","api":"https://cve.report/api/cve/CVE-2005-1393.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-1393","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-1393"},"summary":{"title":"CVE-2005-1393","description":"Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-05-03 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.6","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://secunia.com/advisories/15196","name":"http://secunia.com/advisories/15196","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Secunia - Advisories - ArcInfo Workstation Format String and Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1013852","name":"http://securitytracker.com/id?1013852","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"ArcGIS Buffer Overflows and Format String Errors Let Local Users Gain Root Privilegges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015","name":"http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Patches and Service Packs - ESRI Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt","name":"http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=full-disclosure&m=111489411524630&w=2","name":"http://marc.info/?l=full-disclosure&m=111489411524630&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-1393","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1393","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"1393","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"esri","cpe5":"arcinfo_workstation","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T21:51:49.379Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20050430 DMA[2005-0425a] - 'ESRI ArcGIS 9.x multiple local vulnerabilities","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://marc.info/?l=full-disclosure&m=111489411524630&w=2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015"},{"name":"15196","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/15196"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt"},{"name":"1013852","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1013852"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-04-30T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-10-17T13:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20050430 DMA[2005-0425a] - 'ESRI ArcGIS 9.x multiple local vulnerabilities","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://marc.info/?l=full-disclosure&m=111489411524630&w=2"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015"},{"name":"15196","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/15196"},{"tags":["x_refsource_MISC"],"url":"http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt"},{"name":"1013852","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1013852"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-1393","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20050430 DMA[2005-0425a] - 'ESRI ArcGIS 9.x multiple local vulnerabilities","refsource":"FULLDISC","url":"http://marc.info/?l=full-disclosure&m=111489411524630&w=2"},{"name":"http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015","refsource":"CONFIRM","url":"http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015"},{"name":"15196","refsource":"SECUNIA","url":"http://secunia.com/advisories/15196"},{"name":"http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt","refsource":"MISC","url":"http://www.digitalmunition.com/DMA%5B2005-0425a%5D.txt"},{"name":"1013852","refsource":"SECTRACK","url":"http://securitytracker.com/id?1013852"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-1393","datePublished":"2005-05-02T04:00:00.000Z","dateReserved":"2005-05-02T00:00:00.000Z","dateUpdated":"2024-08-07T21:51:49.379Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-05-03 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:esri:arcinfo_workstation:9.0:*:*:*:*:*:*:*","matchCriteriaId":"B64E5827-8AEF-458D-9AFD-2D7A8FFD83C6"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"1393","Ordinal":"1","Title":"CVE-2005-1393","CVE":"CVE-2005-1393","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"1393","Ordinal":"1","NoteData":"Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery.","Type":"Description","Title":"CVE-2005-1393"},{"CveYear":"2005","CveId":"1393","Ordinal":"2","NoteData":"2005-05-02","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"1393","Ordinal":"3","NoteData":"2016-10-17","Type":"Other","Title":"Modified"}]}}}