CVE-2021-29095

Publication date

2021-03-25 20:34:59

Family

Esri

State

PUBLISHED

Description

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.