Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4419
HistoryNov 07, 2008 - 12:00 a.m.

Adobe ColdFusion本地信息泄露及权限提升漏洞

2008-11-0700:00:00
Root
www.seebug.org
21

0.0004 Low

EPSS

Percentile

10.4%

JSON

BUGTRAQ ID: 32130
CVE(CAN) ID: CVE-2008-4831

ColdFusion是一款高效的网络应用服务器开发环境,具有很高的易用性和开发效率,基于标准的Java技术,可以与XML、Web Services和Microsoft.NET环境相集成。

ColdFusion中的安全漏洞可能允许低权限用户绕过沙盒限制,访问敏感信息或获得权限提升。仅处于共享托管环境中的ColdFusion服务器才受这个漏洞影响,无法远程利用。

Adobe ColdFusion MX 7.0.2
Adobe ColdFusion 8.0.1
Adobe ColdFusion 8
Adobe

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.adobe.com/support/security/bulletins/downloads/hf800-73122.jar” target=“_blank”>http://www.adobe.com/support/security/bulletins/downloads/hf800-73122.jar</a>

Related

cve 1
nvd 1
cvelist 1
prion 1
cve
cve
CVE-2008-4831
2008-11-10 14:12:55
nvd
nvd
CVE-2008-4831
2008-11-10 14:12:55
cvelist
cvelist
CVE-2008-4831
2008-11-10 11:00:00
prion
prion
Design/Logic Flaw
2008-11-10 14:12:00

0.0004 Low

EPSS

Percentile

10.4%

JSON
Related for SSV:4419
cve1nvd1cvelist1prion1