Approved changes feed: RSS · Atom
cpe:2.3:a:esri:arcreader:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Esri (7fc7b1c4-e95b-5bc9-bfb4-4695cd2e3e82) |
|---|---|
| Product | Arcreader (6f0f6587-fa36-5e95-acc1-9b7790817a91) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-29118 |
vulnerable | 2026-06-03 14:44:19.663702 |
Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allow an unauthenticated attacker to induce an information disclosure issue in the context of the current user.
Published: 2022-08-12T18:40:09.061Z
Updated: 2025-04-10T14:58:42.000Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-29117 |
vulnerable | 2026-06-03 14:44:19.663274 |
arcreader use-after-free
HIGH (7.8)
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
Published: 2022-08-12T18:45:12.867Z
Updated: 2025-04-10T14:58:21.962Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-29112 |
vulnerable | 2026-06-03 14:44:19.657062 |
Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allow an unauthenticated attacker to induce an information disclosure issue in the context of the current user.
Published: 2022-08-12T18:40:27.411Z
Updated: 2025-04-10T14:58:31.283Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-29098 |
vulnerable | 2026-06-03 14:44:19.642045 |
ArcGIS general raster security update: uninitialized pointer
HIGH (7.8)
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
Published: 2021-03-25T20:37:05.516Z
Updated: 2025-04-10T15:22:04.460Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-29097 |
vulnerable | 2026-06-03 14:44:19.641265 |
ArcGIS general raster security update: buffer overflow
HIGH (7.8)
Multiple buffer overflow vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
Published: 2021-03-25T20:36:03.915Z
Updated: 2024-09-17T03:17:27.744Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-29096 |
vulnerable | 2026-06-03 14:44:19.633627 |
ArcGIS general raster security update: use-after-free
HIGH (7.8)
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 (and earlier) and ArcGIS Pro 2.7 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user.
Published: 2021-03-25T18:37:37.051Z
Updated: 2024-09-17T03:42:41.962Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.