Summary
Adobe ColdFusion is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks.
Adobe ColdFusion 9.0.1 and prior are vulnerable.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-2861 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities