CVE-2012-1661

ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:esri:arcgis:*:*:*:*:*:*:*:*
cpe:2.3:a:esri:arcgis:9.0:*:*:*:*:*:*:*
cpe:2.3:a:esri:arcmap:9.0:*:*:*:*:*:*:*

Information

Published : 2012-07-12 14:55

Updated : 2012-07-15 21:00


NVD link : CVE-2012-1661

Mitre link : CVE-2012-1661


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

esri

  • arcmap
  • arcgis