Lucene search
K

5 matches found

CVE
CVE
added 2017/12/01 8:0 a.m.100 views

CVE-2017-11283

CVE-2017-11283 is a Java deserialization flaw in Adobe ColdFusion's insecure handling of untrusted data (notably via DataServicesCFProxy). Affected: ColdFusion 2016 Update 4 and earlier; ColdFusion 11 Update 12 and earlier. The root cause is unsafe deserialization which could allow remote code ex...

9.8CVSS9.3AI score0.42721EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2017/12/01 8:0 a.m.29 views

CVE-2017-11283

Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11...

9.6AI score0.42721EPSS
Exploits3References3
Check Point Advisories
Check Point Advisories
added 2017/11/27 12:0 a.m.19 views

Adobe ColdFusion DataServicesCFProxy Insecure Deserialization (CVE-2017-11283)

An insecure deserialization vulnerability exists in the Flex integration service of Adobe ColdFusion. The vulnerability is due to the lack of input validation by the DataServicesCFProxy. A successful attack could lead to a remote code execution...

7.5CVSS9.3AI score0.42721EPSS
Exploits3
myhack58
myhack58
added 2017/10/19 12:0 a.m.130 views

Adobe ColdFusion arbitrary command execution flaws vulnerability 0day(CVE–2017–11283, CVE–2017–11284)early warning-vulnerability warning-the black bar safety net

Adobe ColdFusion in 2017 9 November 12 released a network security update in refer to the previous version, there is a serious deserialization flaws vulnerability bug(CVE-2017-11283, CVE-2017-11284, and may incur long-distance code to fulfill. When applying the Flex integration-do on Remote Adobe...

9.1AI score0.42721EPSS
Exploits3
seebug.org
seebug.org
added 2017/10/18 12:0 a.m.122 views

Adobe ColdFusion Deserialization RCE (CVE-2017-11283, CVE-2017-11238)

During my research into the Java Remote Method Invocation RMI protocol, the most common RMI service that I came across was Adobe ColdFusion’s Flex integration service which is used to support integration between Flash applications and ColdFusion components. A quick look at this service led to the...

4.3CVSS8.8AI score0.42721EPSS
Exploits3
Rows per page
Query Builder