Computer Security
[EN] securityvulns.ru no-pyccku


Adobe ColdFusion multiple security vulnerabilities
Published:14.01.2013
Source:
SecurityVulns ID:12831
Type:remote
Threat Level:
8/10
Description:Authentication bypass, privilege escalation, information leakage.
Affected:ADOBE : ColdFusion 9.0
CVE:CVE-2013-0632 (Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.)
 CVE-2013-0631 (Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013.)
 CVE-2013-0629 (Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.)
 CVE-2013-0625 (Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod