Published: 31/12/2003 Updated: 29/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote malicious users to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
macromedia coldfusion 6.0
macromedia coldfusion_professional
macromedia coldfusion

source: wwwsecurityfocuscom/bid/7443/info A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers When certain malformed URL requests are received by the server, an error message is returned containing the full path of the ColdFusion installation host:8500/CFIDE/ ...

CWE-200 http://www.securityfocus.com/archive/1/319867 http://www.nii.co.in/vuln/pdmac.html http://www.securityfocus.com/bid/7443 http://securityreason.com/securityalert/3307 https://exchange.xforce.ibmcloud.com/vulnerabilities/11879 https://nvd.nist.gov https://www.exploit-db.com/exploits/22544/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-1469

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect