2007.1.1.420.0

CVSS 3.5 - LOW

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

intersystems

NVD

Published: 2007-08-20

Updated: 2008-11-15

Summary

Unspecified vulnerability in the login page redirection logic in the Cache' Server Page (CSP) implementation in InterSystems Cache' 2007.1.0.369.0 and 2007.1.1.420.0 allows remote authenticated users to modify data on a server, related to encoding of certain parameter values by this redirection logic, aka MAK2116.

Vulnerable Configurations

Part	Description	Count
Application	Intersystems Intersystems Cache Database 2007.1.0.369.0 Intersystems Cache Database 2007.1.1.420.0	2

References

http://groups.google.com/group/intersystems-public-cache/browse_thread/thread/57d7c80dde26fda3/7845e246da5b095b
http://osvdb.org/40178
http://secunia.com/advisories/26541
http://www.intersystems.com/support/cflash/2007announce.html