Vulnerability Description
Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Progress | Progress | 9.1c |
References
- http://www.securityfocus.com/archive/1/224395Vendor Advisory
- http://www.securityfocus.com/bid/3502PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7457
- http://www.securityfocus.com/archive/1/224395Vendor Advisory
- http://www.securityfocus.com/bid/3502PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7457
FAQ
What is CVE-2001-1129?
CVE-2001-1129 is a vulnerability with a CVSS score of 7.2 (HIGH). Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local u...
How severe is CVE-2001-1129?
CVE-2001-1129 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1129?
Check the references section above for vendor advisories and patch information. Affected products include: Progress Progress.