Adobe ColdFusion Information Disclosure Vulnerability Network Vulnerability

Summary

Adobe ColdFusion is prone to an information-disclosure vulnerability. Attackers can exploit this issue to retrieve files stored on the server and obtain sensitive information. This may aid in launching further attacks.

Solution

Apply the patch from below link, http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-13.html

References

http://www.adobe.com/products/coldfusion/
http://www.adobe.com/support/security/bulletins/apsb13-13.html
http://www.securityfocus.com/bid/59773

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1389, CVE-2013-3336

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Atlassian JIRA FishEye and Crucible Plugins XML Parsing Unspecified Security Vulnerability
ARRIS 2307 Unprotected Web Console
Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability

Take action and discover your vulnerabilities