RSS   Vulnerabilities for 'Coldfusion server'   RSS

2001-10-30
 
CVE-2001-0535

 

 
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script.

 

 >>> Vendor: Macromedia 19 Products
Coldfusion server
Coldfusion
Dreamweaver
Matrix screen saver
Shockwave flash plugin
Studio
JRUN
Flash
Flash player
Shockwave flash
Sitespring
Shockwave
Coldfusion professional
Director
Contribute
Coldfusion fusebox
Breeze
Flash communication server
Flash media server


Copyright 2024, cxsecurity.com

 

Back to Top