CVE-2009-20005
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-16

Last updated on: 2025-09-17

Assigner: VulnCheck

Description
A stack-based buffer overflow exists in the UtilConfigHome.csp endpoint of InterSystems Caché 2009.1. The vulnerability is triggered by sending a specially crafted HTTP GET request containing an oversized argument to the .csp handler. Due to insufficient bounds checking, the input overflows a stack buffer, allowing an attacker to overwrite control structures and execute arbitrary code. It is unknown if this vulnerability was patched and an affected version range remains undefined.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-16
Last Modified
2025-09-17
Generated
2026-06-16
AI Q&A
2025-09-16
EPSS Evaluated
2026-06-14
NVD
CVE-2009-20005
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
intersystems cache 2009.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stack-based buffer overflow in the UtilConfigHome.csp endpoint of InterSystems Caché 2009.1. It occurs when a specially crafted HTTP GET request with an oversized argument is sent to the .csp handler. Because the input is not properly checked for size, it overflows a stack buffer, allowing an attacker to overwrite control structures and potentially execute arbitrary code.

Impact Analysis

The vulnerability can allow an attacker to execute arbitrary code on the affected system without any privileges or user interaction. This can lead to full system compromise, data theft, or disruption of services.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2009-20005. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart