CVE-2007-1278

Опубликовано: 16 мар. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root.

Комментарий

Per: http://www.adobe.com/support/security/bulletins/apsb07-07.html

CVE number: CVE-2007-1278

Platform: Windows only Affected software versions: ColdFusion MX 7.X

* JRun 4.0 Updater 6 * ColdFusion MX 7.0 Enterprise Edition, if installed as the "Multi-Server" option * ColdFusion MX 6.1 Enterprise, if installed with the "J2EE" option and deployed on JRun 4.0 Updater 6

NOTE: ColdFusion MX 6.1 and 7.0 Standard editions are not affected.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:microsoft:internet_information_server:6.0:*:*:*:*:*:*:*

Одно из

cpe:2.3:a:adobe:coldfusion:6.1:*:enterprise_server:*:*:*:*:*

cpe:2.3:a:adobe:coldfusion:7.0:*:enterprise_server:*:*:*:*:*

cpe:2.3:a:adobe:jrun:4.0:updater6:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04688

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-qv5g-8mxx-qwcq

github

почти 4 года назад