[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Multiple cross-site scripting vulnerabilities in Adobe ColdFusion - APSB11-29

ID: oval:org.secpod.oval:def:9457Date: (C)2013-03-01   (M)2022-10-10
Class: PATCHFamily: unix




The host is missing an important security update according to Adobe security bulletin, APSB11-29. The update is required to fix multiple cross-site scripting vulnerabilities. The flaws are present in the RDS and cfform tag components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary web script or HTML.

Platform:
Linux
Product:
Adobe ColdFusion
Reference:
APSB11-29
CVE-2011-2463
CVE-2011-4368
CVE    2
CVE-2011-2463
CVE-2011-4368
CPE    7
cpe:/a:adobe:coldfusion
cpe:/a:adobe:coldfusion:9.0.0.0
cpe:/a:adobe:coldfusion:9.0
cpe:/a:adobe:coldfusion:9.0.1
...

© SecPod Technologies