Published: 05/10/2004 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote malicious users to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".

Vulnerable Product	Search on Vulmon	Subscribe to Product
hitachi cosminexus enterprise 01_02_2
macromedia jrun 4.0
hitachi cosminexus enterprise 01_01_1
macromedia jrun 3.0
macromedia jrun 3.1
hitachi cosminexus server web_01-01_1
hitachi cosminexus server web_01-01_2
macromedia coldfusion 6.0
macromedia coldfusion 6.1

NVD-CWE-Other http://www.idefense.com/application/poi/display?id=148&type=vulnerabilities http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html http://www.macromedia.com/devnet/security/security_zone/mpsb04-09.html http://www.kb.cert.org/vuls/id/977440 http://www.securityfocus.com/bid/11245 http://secunia.com/advisories/12638/http://secunia.com/advisories/12647/http://marc.info/?l=bugtraq&m=109621995623823&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/17484 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0928

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect