CVE-2001-1129 - OpenCVE

Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Progress	Progress

Configuration 1 [-]

cpe:2.3:a:progress:progress:9.1c:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/archive/1/224395	Vendor Advisory
http://www.securityfocus.com/bid/3502	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7457

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-15T05:00:00

Updated: 2017-12-18T21:57:01

Reserved: 2002-03-15T00:00:00

Link: CVE-2001-1129

JSON object: View

NVD Information

Status : Modified

Published: 2001-11-02T05:00:00.000

Modified: 2017-12-19T02:29:34.410

Link: CVE-2001-1129

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2001-11-02T00:00:00", "descriptions": [{"lang": "en", "value": "Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "progress-promsgs-format-string(7457)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7457"}, {"name": "20011102 Progres Databse PROMSGS Format strings issue.", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/224395"}, {"name": "3502", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3502"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1129", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "progress-promsgs-format-string(7457)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7457"}, {"name": "20011102 Progres Databse PROMSGS Format strings issue.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/224395"}, {"name": "3502", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3502"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1129", "datePublished": "2002-03-15T05:00:00", "dateReserved": "2002-03-15T00:00:00", "dateUpdated": "2017-12-18T21:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}