ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not...
High severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Oct 10, 2024
Description
Published by the National Vulnerability Database
Jul 12, 2012
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Oct 10, 2024
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.
References