ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE> and (2) child processes that call the CreateProcess function and are executed with <CFOBJECT> or end with the CFX extension, which allows malicious users to execute programs with the permissions of the System account.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
macromedia coldfusion 5.0 |
||
macromedia coldfusion 4.5 |