Vulnerabilities > CVE-2001-1120 - Unspecified vulnerability in Allaire Coldfusion Server

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

allaire

NVD

Published: 2001-07-11

Updated: 2017-12-19

Summary

Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.

Vulnerable Configurations

Part	Description	Count
Application	Allaire Allaire Coldfusion Server 2.0 Allaire Coldfusion Server 3.0 Allaire Coldfusion Server 3.0.1 Allaire Coldfusion Server 3.1 Allaire Coldfusion Server 3.1.1 Allaire Coldfusion Server 3.1.2 Allaire Coldfusion Server 4.0 Allaire Coldfusion Server 4.0.1 Allaire Coldfusion Server 4.5 Allaire Coldfusion Server 4.5.1 Allaire Coldfusion Server 4.5.1_Sp1 Allaire Coldfusion Server 4.5.1_Sp2	12

References

http://www.allaire.com/handlers/index.cfm?id=21566
http://www.kb.cert.org/vuls/id/135531
http://www.securityfocus.com/archive/1/196452
http://www.securityfocus.com/bid/3018
https://exchange.xforce.ibmcloud.com/vulnerabilities/6839