Published: 12/06/2019 Updated: 04/09/2020

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

ColdFusion versions Update 3 and previous versions, Update 10 and previous versions, and Update 18 and previous versions have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe coldfusion 11.0
adobe coldfusion 2016
adobe coldfusion 2018

It is with a heavy heart that we must report that your software has bugs and needs patching: Microsoft, Adobe, SAP, Intel emit security fixes

The Register • Shaun Nichols in San Francisco • 11 Jun 2019

And Google drops a zero-day on Windows after deadline miss

Patch Tuesday Microsoft, Adobe, Intel, and SAP have all emitted their latest Patch Tuesday batch of security fixes. Users and admins are encouraged to test and install the updates as soon as humanly possible. For those running Windows and Windows Server, you'll be interested in as many as 88 CVE-listed flaws that need addressing in Microsoft's products. According to analysts at the Zero Day Initiative, a priority for admins should be a collection of four elevation-of-privilege vulnerabilities fo...

CVE-2019-7839

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect