Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ArcGIS Earth has a File Parsing Directory Traversal Vulnerability
Vulnerability Description
A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vulnerability to gain arbitrary code execution under security context of the user running ArcGIS Earth by inducing the user to upload a crafted file to an affected system.
CVSS Information
N/A
Vulnerability Type
相对路径遍历
Vulnerability Title
ESRI ArcGIS Earth 路径遍历漏洞
Vulnerability Description
ESRI ArcGIS Earth是美国ESRI公司的一个应用软件。提供可视化,编辑KML并在3D Globe上共享功能。 ArcGIS Earth: 1.11.0 存在安全漏洞,该漏洞源于KMZ文件解析过程中的输入验证错误。远程攻击者可利用该漏洞可以发送专门设计的HTTP请求,并在系统上创建任意文件。远程攻击者可利用该漏洞执行目录遍历攻击。
CVSS Information
N/A
Vulnerability Type
N/A