3 matches found
CVE-2019-7838
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution...
Adobe ColdFusion < 11.x < 11u19 / 2016.x < 2016u11 / 2018.x < 2018u4 Multiple Vulnerabilities (APSB19-27)
The version of Adobe ColdFusion installed on the remote Windows host is prior to 11.x update 19, 2016.x update 11, or 2018.x update 4. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB19-27 advisory. - File extension blacklist bypass potentially leading to Arbitrary...
CVE-2019-7838
Adobe ColdFusion prior to updates 11.x/2016.x/2018.x are vulnerable to CVE-2019-7838 due to a file extension blacklist bypass, enabling arbitrary code execution on successful exploitation. The Red Hat/NVD/Nessus entries confirm the same issue and indicate remediation by updating to affected patch...