CNNVD-202509-2493 Information

Sep 16, 2025 cve

CNNVD ID

CNNVD-202509-2493

CVE-2009-20005

  • CNNVD Published: 2025-09-16

Description (Chinese)

InterSystems Caché是美国InterSystems公司的一套数据库管理系统。该系统主要用于开发医疗保健管理、银行和金融服务、政府和其他行业的软件应用程序。 InterSystems Caché2009.1版本存在安全漏洞,该漏洞源于UtilConfigHome.csp端点未充分检查边界,可能导致栈缓冲区溢出和执行任意代码。

Description (English)

InterSystems Caché is a database management system of InterSystems, United States. The system is used primarily for the development of software applications for health care management, banking and financial services, government and other industries. The security gap in version 2009.1 of InterSystems Caché stems from the lack of adequate border checks at the UtilConfigHome.csp endpoint, which could lead to the spilling out of the fence and the implementation of arbitrary codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

InterSystems

Published

2025-09-16

Last Modified

2026-02-24

References

https://www.intersystems.com/products/cache/ https://www.juniper.net/us/en/threatlabs/ips-signatures/detail.APP:INTERSYSTEMS-CACHE-OF.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ https://www.exploit-db.com/exploits/16807 https://www.vulncheck.com/advisories/intersystems-cache-stack-buffer-overflow https://access.redhat.com/security/cve/cve-2009-20005

Share on: