Unrated severityNVD Advisory· Published Dec 15, 2003· Updated Apr 16, 2026

CVE-2003-0937

Description

SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.

Affected products

SCO Group/Open Unix
cpe:2.3:o:sco:open_unix:8.0:*:*:*:*:*:*:*
SCO Group/Unixware2 versions
cpe:2.3:o:sco:unixware:7.1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:sco:unixware:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:sco:unixware:7.1.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.32/CSSA-2003-SCO.32.txtnvdPatchVendor Advisory
www.texonet.com/advisories/TEXONET-20031024.txtnvdPatchVendor AdvisoryURL Repurposed
marc.infonvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000