Multiple directory traversal vulnerabilities in Adobe ColdFusion - APSB10-18ID: oval:org.secpod.oval:def:9454 | Date: (C)2013-03-01 (M)2022-10-10 |
Class: PATCH | Family: unix |
The host is missing an important security update according to Adobe security bulletin, APSB10-18. The update is required to fix multiple directory traversal vulnerabilities. The flaws are present due to error in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, datasources/index.cfm, j2eepackaging/editarchive.cfm, and enter.cfm in CFIDE/administrator/. Successful exploitation allows remote attackers to read arbitrary files via the locale parameter.