ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.
Max CVSS
9.3
EPSS Score
4.40%
Published
2012-07-12
Updated
2012-07-16
1 vulnerabilities found