The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of ESRI ArcGIS ArcView

OpenSSL: information disclosure via Heartbeat
An attacker can use the Heartbeat protocol on an application compiled with OpenSSL, in order to obtain sensitive information, such as keys stored in memory...
1669839, 190438, 2076225, 2962393, c04236102, c04267775, c04286049, CA20140413-01, CERTFR-2014-ALE-003, CERTFR-2014-AVI-156, CERTFR-2014-AVI-161, CERTFR-2014-AVI-162, CERTFR-2014-AVI-167, CERTFR-2014-AVI-169, CERTFR-2014-AVI-177, CERTFR-2014-AVI-178, CERTFR-2014-AVI-179, CERTFR-2014-AVI-180, CERTFR-2014-AVI-181, CERTFR-2014-AVI-198, CERTFR-2014-AVI-199, CERTFR-2014-AVI-213, cisco-sa-20140409-heartbleed, CTX140605, CVE-2014-0160, CVE-2014-0346-REJECT, DSA-2896-1, DSA-2896-2, emr_na-c04236102-7, ESA-2014-034, ESA-2014-036, ESA-2014-075, FEDORA-2014-4879, FEDORA-2014-4910, FEDORA-2014-4982, FEDORA-2014-4999, FG-IR-14-011, FreeBSD-SA-14:06.openssl, Heartbleed, HPSBMU02995, HPSBMU03025, HPSBMU03040, ICSA-14-105-03, JSA10623, MDVSA-2014:123, MDVSA-2015:062, NetBSD-SA2014-004, openSUSE-SU-2014:0492-1, openSUSE-SU-2014:0560-1, openSUSE-SU-2014:0719-1, pfSense-SA-14_04.openssl, RHSA-2014:0376-01, RHSA-2014:0377-01, RHSA-2014:0378-01, RHSA-2014:0396-01, RHSA-2014:0416-01, SA40005, SA79, SB10071, SOL15159, SPL-82696, SSA:2014-098-01, SSA-635659, SSRT101565, USN-2165-1, VIGILANCE-VUL-14534, VMSA-2014-0004, VMSA-2014-0004.1, VMSA-2014-0004.2, VMSA-2014-0004.3, VMSA-2014-0004.6, VMSA-2014-0004.7, VU#720951
ArcGIS for Server: multiple vulnerabilities
An attacker can use several vulnerabilities of ArcGIS for Server...
41468, 41497, 41498, BID-62691, BID-62889, CVE-2013-5221, CVE-2013-5222, CVE-2013-7231, CVE-2013-7232, NIM092795, NIM092820, NIM093227, NIM094447, VIGILANCE-VUL-13359
ArcGIS Server: SQL injection
An attacker can use a SQL injection in ArcGIS Server, in order to read or alter data...
NIM084249, VIGILANCE-VUL-12830
ArcGIS: information leak about database tables
An attacker who causes a server side error, can get information about the database schema...
NIM085361, VIGILANCE-VUL-12168
ArcGIS Web Server: SQL injection
An attacker can use the REST interface of the ArcGIS web server, to inject SQL commands, in order to read or alter data...
BID-56474, CVE-2012-4949, NIM084249, VIGILANCE-VUL-12128, VU#795644
ESRI ArcGIS: macro execution via MXD
An attacker can invite the victim to open a malicious MXD file with ArcGIS, in order to execute a Visual Basic macro on his computer...
40384, BID-53988, CVE-2012-1661, VIGILANCE-VUL-11708
ArcGIS: code execution via TeeChart Professional
An attacker can create a web page calling the TeeChart Professional ActiveX, which is installed by ArcGIS products, in order to execute code on computers of victims loading this page with Internet Explorer...
BID-49125, NIM074916, SS-2011-007, VIGILANCE-VUL-11517
ESRI ArcGIS Server: file reading via Image Extension
A remote attacker can use the Image Extension feature of ESRI ArcGIS Server with Mosaic Datasets, in order to read a file located on the server...
VIGILANCE-VUL-10887
Our database contains other pages. You can request a free trial to read them.