Skip to main content

Adobe ColdFusion Multiple Vulerabilities

Last Update Date: 16 Jan 2013 Release Date: 8 Jan 2013 5685 Views

RISK: High Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

Multiple vulnerabilities have been identified in Adobe ColdFusion. A remote user can gain access to the target system, and obtain potentially sensitive information.

  1. A remote user can bypass authentication and take control of the target system, and gain access to restricted directories. Only systems with password protection disabled or with no password set are affected.
  2. A remote user can obtain potentially sensitive information.

Note: The vulnerabilities are being exploited in the wild.


Impact

  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Versions 9.0, 9.0.1, 9.0.2, 10

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link