Published: 24/05/2019 Updated: 04/09/2020

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

ColdFusion versions Update 2 and previous versions, Update 9 and previous versions, and Update 17 and previous versions have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe coldfusion 2018
adobe coldfusion 2016
adobe coldfusion 11.0

WannaCry-hero Hutchins' trial date set, Microsoft readies Google's Spectre V2 fix for Windows 10, Coinhive axed, and more

The Register • Chris Williams, Editor in Chief • 02 Mar 2019

PS: Update Adobe ColdFusion, Cisco WebEx Meetings, Nvidia drivers with security fixes

Roundup Here's your weekend rapid-fire roundup of infosec news, ahead of next week's RSA Conference, beyond what we've already covered. Hutchins' trial date set: After 18 months in legal limbo in America, Brit malware reverse-engineer Marcus Hutchins, who halted the 2017 Wannacry ransomware outbreak, this week learned he will go before a jury in July. Hutchins was cuffed in August 2017 in Las Vegas by the FBI, shortly after the global WannaCry infection, and was soon-after formally accused of de...

CVE-2019-7816

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect