CVE-2003-0449

Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter, as demonstrated using librocket_r.so in _dbagent.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:progress:database:9.1:*:*:*:*:*:*:*

Information

Published : 2003-08-06 21:00

Updated : 2016-10-17 19:33


NVD link : CVE-2003-0449

Mitre link : CVE-2003-0449


JSON object : View

Advertisement

dedicated server usa

Products Affected

progress

  • database