RSS   Vulnerabilities for 'Arcgis earth'   RSS

2021-05-05
 
CVE-2021-29100

CWE-22
 

 
A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vulnerability to gain arbitrary code execution under security context of the user running ArcGIS Earth by inducing the user to upload a crafted file to an affected system.

 

 >>> Vendor: ESRI 16 Products
Arcinfo workstation
Arcgis
Arcpad
Arcmap
Arcgis for server
Arcgis for desktop
Arcgis for engine
Arcgis enterprise
Arcgis desktop
Arcgis pro
Arcreader
Arcgis engine
Arcgis online
Arcgis earth
Arcgis server
Portal for arcgis


Copyright 2024, cxsecurity.com

 

Back to Top