Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1469

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1469
Last Modified 05 Sep 2008 04:37:01
Published 31 Dec 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1469

Summary

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.

Vulnerable Systems

Application

  • Macromedia Coldfusion

  • Macromedia Coldfusion 6.0

  • Macromedia Coldfusion Professional


References

XF - coldfusion-mx-path-disclosure(11879)

BID - 7443

BUGTRAQ - 20030426 NII Advisory - Path Disclosure in Cold Fusion MX Server

MISC - http://www.nii.co.in/vuln/pdmac.html

SREASON - 3307


Last Updated: 27 May 2016 10:38:22