Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1124

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-1999-1124
Last Modified 05 Sep 2008 04:18:46
Published 31 Dec 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-1999-1124

Summary

HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host.

Vulnerable Systems

Application

  • Allaire Coldfusion


References

MISC - http://packetstorm.securify.com/mag/phrack/phrack54/P54-08


Last Updated: 27 May 2016 10:35:17