Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4427

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2007-4427
Last Modified 15 Nov 2008 01:56:57
Published 20 Aug 2007 03:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2007-4427

Summary

Unspecified vulnerability in the login page redirection logic in the Cache' Server Page (CSP) implementation in InterSystems Cache' 2007.1.0.369.0 and 2007.1.1.420.0 allows remote authenticated users to modify data on a server, related to encoding of certain parameter values by this redirection logic, aka MAK2116.

Vulnerable Systems

Application

  • Intersystems Cache Database 2007.1.0.369.0

  • Intersystems Cache Database 2007.1.1.420.0


References

MLIST - [Cache-News] 20070718 Security Alert: User passed parameter values via CSP

OSVDB - 40178

CONFIRM - http://www.intersystems.com/support/cflash/2007announce.html

SECUNIA - 26541


Last Updated: 27 May 2016 10:45:52