CVE-2007-0437

CVE-2007-0437 involves multiple cross-site scripting (XSS) vulnerabilities in the sample Cache' Server Page (CSP) scripts of InterSystems Cache. The affected components are CSP samples under csp/samples/: loop.csp (TO parameter), cookie.csp (VALUE), showsource.csp (PAGE); and (4) xmlclasseserror....

CVE-2003-0497

CVE-2003-0497 affects InterSystems Caché Database 5.x. The vulnerability arises because /cachesys/bin/cache (and related paths) are installed with world-writable permissions, enabling local attackers to gain privilege by overwriting a cache component and executing it via /cachesys/bin/cuxs. The i...

CVE-2003-0498

CVE-2003-0498 affects InterSystems Caché Database 5.x. The vulnerability arises because /cachesys/csp is installed with insecure permissions, allowing local attackers to add server-side scripts or modify files that run with root privileges, enabling arbitrary code execution. The issue is document...

CVE-2007-4427

InterSystems Cache CSP login-page redirection logic (Cache’ 2007.1.0.369.0 and 2007.1.1.420.0) contains an unspecified vulnerability in parameter value encoding that lets remote authenticated users modify server data. Root cause: encoding of certain parameters in the redirection logic. Impact: da...

CVE-2003-1333

InterSystems Cache CSP in Cache versions 4.0.3–5.0.5 is described as having an unspecified vulnerability that allows remote attackers to gain complete control of the server. The provided documents do not specify the root cause, affected components beyond CSP, exploit details, or remediation guida...

CVE-2004-2684

Technical details about CVE-2004-2684 are not publicly provided in the connected documents. The Initial Description is generic. Monitor for updates from vendors (InterSystems/Red Hat/NVD) for affected products and fixes.