Summary
This host is running Adobe ColdFusion and is prone to response splitting vulnerability.
Impact
Successful exploitation will allow attackers to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.
Impact Level: Application
Solution
Apply patch from below link,
http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb12-15.html
Insight
This flaw exists because the application does not validate an unspecified HTTP header before returning it to the user. This can be exploited to insert arbitrary HTTP headers, which will be included in a response sent to the user.
Affected
Adobe ColdFusion versions 8.0 through 9.0.1
References
Severity
Classification
-
CVE CVE-2012-2041 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities