Lucene search
K

6 matches found

Circl
Circl
added 2020/10/20 3:57 p.m.10 views

CVE-2018-4939

creationtimestamp| type| source ---|---|--- 2020-10-20 15:57:21+00:00| seen| MISP/42d04e94-bf5b-427d-acc8-f5d740675941 2020-10-20 15:58:03+00:00| seen| MISP/d925a2ee-e7cf-46f6-bec1-ad8e19122730 2020-10-21 08:33:50+00:00| seen| MISP/5f850411-c103-491f-abff-9421425403cf 2020-10-28 02:58:38+00:00|...

10CVSS7.3AI score0.63304EPSS
Exploits1References5
Check Point Advisories
Check Point Advisories
added 2018/07/29 12:0 a.m.13 views

Adobe ColdFusion DataServicesCFProxy Insecure Deserialization (CVE-2018-4939)

An insecure deserialization vulnerability exists in the Flex integration service of Adobe ColdFusion. The vulnerability is due to the lack of input validation. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS4.9AI score0.63304EPSS
Exploits1
seebug.org
seebug.org
added 2018/06/19 12:0 a.m.275 views

ColdFusion RCE(CVE-2018-4939)

In October 2017 I published an overview and video proof-of-concept of a Java RMI/deserialization vulnerability affecting the Flex Integration service of Adobe ColdFusion. I held off on publishing all of the details and exploit code at the time because I spotted an additional exploit payload that...

7.5CVSS8.7AI score0.63304EPSS
Exploits3
CVE
CVE
added 2018/05/19 5:0 p.m.948 views

CVE-2018-4939

Adobe ColdFusion is affected by CVE-2018-4939 due to a Deserialization of Untrusted Data vulnerability in Update 5 and earlier (and ColdFusion 11 Update 13 and earlier). The issue arises from insecure deserialization in the DataServicesCFProxy/integration flow, enabling arbitrary code execution u...

10CVSS9.5AI score0.63304EPSS
In wildExploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2018/05/19 5:0 p.m.7 views

CVE-2018-4939

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution...

9.6AI score0.63304EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/04/12 12:0 a.m.71 views

Adobe ColdFusion 11.x < 11u14 / 2016.x < 2016u6 Multiple Vulnerabilities (APSB18-14)

The version of Adobe ColdFusion running on the remote Windows host is 11.x prior to update 14 or 2016.x prior to update 6. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid109017; scriptversion"1.9";...

10CVSS7.2AI score0.63304EPSS
Exploits1References6
Rows per page
Query Builder