CVE-2006-5858

Опубликовано: 31 дек. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file.

Ссылки

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=466
Broken Link
http://osvdb.org/32123
Broken Link
http://secunia.com/advisories/23668
Third Party Advisory
http://securitytracker.com/id?1017490
Third Party Advisory
VDB Entry
http://www.adobe.com/support/security/bulletins/apsb07-02.html
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/457799/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/21978
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/0116
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/31411
Third Party Advisory
VDB Entry
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=466
Broken Link
http://osvdb.org/32123
Broken Link
http://secunia.com/advisories/23668
Third Party Advisory
http://securitytracker.com/id?1017490
Third Party Advisory
VDB Entry
http://www.adobe.com/support/security/bulletins/apsb07-02.html
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/457799/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/21978
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/0116
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/31411
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*

Версия от 7.0 (включая) до 7.0.2 (включая)

cpe:2.3:a:adobe:jrun:4.0:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_information_services:-:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.07061

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-4p7h-m9mw-jc79

github

почти 4 года назад