Lucene search

MitreCVE-2001-1128

HistoryMar 15, 2002 - 5:00 a.m.

CVE-2001-1128

2002-03-1505:00:00

mitre

web.nvd.nist.gov

cve-2001-1128

buffer overflow

progress database

code execution

local users

environment variables

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

Percentile

5.1%

JSON

Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the (1) PROMSGS or (2) PROTERMCAP environment variables.

Affected configurations

Nvd

Node

progressprogressMatch8.3d

progressprogressMatch9.1c

VendorProductVersionCPE
progressprogress8.3dcpe:2.3:a:progress:progress:8.3d:*:*:*:*:*:*:*
progressprogress9.1ccpe:2.3:a:progress:progress:9.1c:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
progress	progress	8.3d	cpe:2.3:a:progress:progress:8.3d:::::::*
progress	progress	9.1c	cpe:2.3:a:progress:progress:9.1c:::::::*

References

www.securityfocus.com/archive/1/219174

www.securityfocus.com/bid/3414

exchange.xforce.ibmcloud.com/vulnerabilities/7264

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-1128