Adobe ColdFusion Component Browser Vulnerability

Last Update Date: 13 Jun 2012 15:09 Release Date: 13 Jun 2012 5060 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

A vulnerability has been identified in Adobe ColdFusion. A remote user can conduct HTTP response splitting attacks.

 

A remote user can submit a specially crafted URL to cause the target server to return a split response. A remote user can exploit this to spoof content on the target server, attempt to poison any intermediate web caches, or conduct cross-site scripting attacks.

Impact

  • Remote Code Execution
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • Adobe ColdFusion versions 8.0, 8.0.1, 9.0, 9.0.1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 

Vulnerability Identifier

 

Source

Related Link

Share with

Previous

MySQL memcmp() Comparison Error Vulnerability

13 Jun 2012 5400 Views

Next

Oracle Java SE Multiple Vulnerabilities

13 Jun 2012 5129 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY