Lucene search

AdobeCVE-2010-1293

HistoryMay 13, 2010 - 5:30 p.m.

CVE-2010-1293

2010-05-1317:30:02

CWE-79

adobe

web.nvd.nist.gov

cve-2010-1293

cross-site scripting

xss

vulnerability

adobe coldfusion

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.079

Percentile

94.4%

JSON

Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

adobecoldfusionRange≤9.0

adobecoldfusionMatch4.5

adobecoldfusionMatch5.0

adobecoldfusionMatch6.0

adobecoldfusionMatch6.1

adobecoldfusionMatch7.0

adobecoldfusionMatch7.0.1

adobecoldfusionMatch7.0.2

adobecoldfusionMatch7.2unknownmx

adobecoldfusionMatch8.0

adobecoldfusionMatch8.0.1

VendorProductVersionCPE
adobecoldfusion*cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*
adobecoldfusion4.5cpe:2.3:a:adobe:coldfusion:4.5:*:*:*:*:*:*:*
adobecoldfusion5.0cpe:2.3:a:adobe:coldfusion:5.0:*:*:*:*:*:*:*
adobecoldfusion6.0cpe:2.3:a:adobe:coldfusion:6.0:*:*:*:*:*:*:*
adobecoldfusion6.1cpe:2.3:a:adobe:coldfusion:6.1:*:*:*:*:*:*:*
adobecoldfusion7.0cpe:2.3:a:adobe:coldfusion:7.0:*:*:*:*:*:*:*
adobecoldfusion7.0.1cpe:2.3:a:adobe:coldfusion:7.0.1:*:*:*:*:*:*:*
adobecoldfusion7.0.2cpe:2.3:a:adobe:coldfusion:7.0.2:*:*:*:*:*:*:*
adobecoldfusion7.2cpe:2.3:a:adobe:coldfusion:7.2:unknown:mx:*:*:*:*:*
adobecoldfusion8.0cpe:2.3:a:adobe:coldfusion:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	coldfusion	*	cpe:2.3:a:adobe:coldfusion::::::::
adobe	coldfusion	4.5	cpe:2.3:a:adobe:coldfusion:4.5:::::::*
adobe	coldfusion	5.0	cpe:2.3:a:adobe:coldfusion:5.0:::::::*
adobe	coldfusion	6.0	cpe:2.3:a:adobe:coldfusion:6.0:::::::*
adobe	coldfusion	6.1	cpe:2.3:a:adobe:coldfusion:6.1:::::::*
adobe	coldfusion	7.0	cpe:2.3:a:adobe:coldfusion:7.0:::::::*
adobe	coldfusion	7.0.1	cpe:2.3:a:adobe:coldfusion:7.0.1:::::::*
adobe	coldfusion	7.0.2	cpe:2.3:a:adobe:coldfusion:7.0.2:::::::*
adobe	coldfusion	7.2	cpe:2.3:a:adobe:coldfusion:7.2:unknown:mx:::::*
adobe	coldfusion	8.0	cpe:2.3:a:adobe:coldfusion:8.0:::::::*

Rows per page:

1-10 of 111

References

secunia.com/advisories/39790

www.adobe.com/support/security/bulletins/apsb10-11.html

www.vupen.com/english/advisories/2010/1127

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.079

Percentile

94.4%

JSON

Related for CVE-2010-1293