ID |
CVE-2005-1394
|
Summary |
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to (1) wservice or (2) lockmgr. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.2 (as of 18-10-2016 - 03:19) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
|
Last major update |
18-10-2016 - 03:19 |
Published |
03-05-2005 - 04:00 |
Last modified |
18-10-2016 - 03:19 |