Macromedia: >> Coldfusion >> 7.02 Security Vulnerabilities
The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator.
CVSS Score
7.2
EPSS Score
0.0
Published
2006-08-09
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.
CVSS Score
5.0
EPSS Score
0.015
Published
2003-12-31
Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header.
CVSS Score
5.0
EPSS Score
0.057
Published
2002-12-31