Multiple directory traversal vulnerabilities in Adobe ColdFusionID: oval:org.secpod.oval:def:9453 | Date: (C)2013-03-01 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with Adobe ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and is prone to Multiple directory traversal vulnerabilities. The flaws are present due to error in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, datasources/index.cfm, j2eepackaging/editarchive.cfm, and enter.cfm in CFIDE/administrator/. Successful exploitation allows remote attackers to read arbitrary files via the locale parameter.