Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1700


Vulnerability Score 4.3 4.3
CVE Id CVE-2002-1700
Last Modified 15 Apr 2014 09:57:35
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


  • Macromedia Coldfusion 6.0

  • Microsoft Internet Information Server 5.0


XF - coldfusion-missing-template-css(9360)

BID - 5011


Last Updated: 27 May 2016 10:37:26