Description
Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges.
References (2)
Core 2
Core References
Various Sources third-party-advisory
x_refsource_idefense
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=7
Various Sources x_refsource_confirm
https://www.intersystems.com/support-learning/support/product-news-alerts/support-alerts-2003/
Scores
EPSS
0.0046
EPSS Percentile
36.4%
Details
CWE
CWE-94
Status
published
Products (1)
intersystems/cache_database
5
Published
Aug 07, 2003
Tracked Since
Feb 18, 2026