Adobe ColdFusion Multiple Vulnerabilities

Last Update Date: 25 Feb 2025 Release Date: 26 Apr 2017 6538 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Web services - Web Servers

TYPE: Web Servers

Multiple vulnerabilities were identified in Adobe ColdFusion. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, cross-site scripting and data manipulation on the targeted system.

 

Note:

 

A XSS (cross-site scripting) vulnerability has been identified in Adobe ColdFusion .

A java deserialization vulnerability has been identified in Adobe ColdFusion .

 

Impact

  • Cross-Site Scripting
  • Data Manipulation
  • Remote Code Execution

System / Technologies affected

  • ColdFusion (2016 release) Update 3 and earlier versions
  • ColdFusion 11 Update 11 and earlier versions  
  • ColdFusion 10 Update 22 and earlier versions  

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to ColdFusion (2016 release) Update 4 or later
  • Update to ColdFusion 11 Update 12 or later
  • Update to ColdFusion 10 Update 23 or later

Vulnerability Identifier

Source

Related Link

Related Tags

Remote Code ExecutionData ManipulationCross Site ScriptingExploit In The Wild

Share with

Previous

Microsoft Edge Multiple Vulnerabilities

24 Feb 2025 2000 Views

Next

F5 Products Multiple Vulnerabilities

25 Feb 2025 3508 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY