[原文]Buffer overflow in ESRI ArcPad 18.104.22.168 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .amp file with a COORDSYS tag with a long string attribute.
A local overflow exists in ArcPad. ArcPad fails to perform boundary checks when reading .apm files, resulting in a buffer overflow. With a specially crafted file, an attacker can cause the application to crash or possibly execute arbitrary code, resulting in a loss of integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.