CVE-2007-4278: CVE-2007-4278

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-4278

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

ESRI ArcSDE Server SPrintf函数远程栈缓冲区溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ArcSDE是一个用于访问存储于关系数据库管理系统(RDBMS)中的海量多用户地理数据库的服务器软件产品。 ArcSDE的实现上存在多个缓冲区溢出漏洞，远程攻击者可能利用这些漏洞控制服务器。 ArcSDE在表示用户所提供的ASCII数值时没有分配充分的缓冲区空间，某些请求可能导致sprintf()调用使用静态的8字节栈缓冲区。如果攻击者所提供数字的ASCII值无法在8个字节中表示，就可能触发栈溢出。远程攻击者可以通过向服务器的默认TCP 5151端口提交特制请求来触发这个溢出。由于攻击者只能使用数值和单

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-4278

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-4278

Please Login to view more intelligence information

http://downloads.esri.com/support/downloads/other_/ArcSDE-92sp3-issues.htmx_refsource_CONFIRM
http://secunia.com/advisories/26452third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/25334vdb-entryx_refsource_BID
http://securitytracker.com/id?1018574vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/2911vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/36042vdb-entryx_refsource_XF
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=577third-party-advisoryx_refsource_IDEFENSE
https://nvd.nist.gov/vuln/detail/CVE-2007-4278

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-4278

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2007-4278

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-4278

III. Intelligence Information for CVE-2007-4278

IV. Related Vulnerabilities

V. Comments for CVE-2007-4278

Leave a comment