Unrated severityNVD Advisory· Published Aug 7, 2003· Updated Jun 16, 2026
CVE-2003-0449
CVE-2003-0449
Description
Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter, as demonstrated using librocket_r.so in _dbagent.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:progress:database:9.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:progress:database:9.1:*:*:*:*:*:*:*
- (no CPE)range: <=9.1D06
Patches
Vulnerability mechanics
References
4- www.secnetops.com/research/advisories/SRT2003-06-13-0945.txtnvdExploitPatchVendor Advisory
- www.secnetops.com/research/advisories/SRT2003-06-13-1009.txtnvdExploitPatchVendor Advisory
- marc.infonvd
- marc.infonvd
News mentions
0No linked articles in our index yet.