Vulnerabilities > Adobe > Coldfusion > 10.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-04-10 | CVE-2013-1387 | Unspecified vulnerability in Adobe Coldfusion Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to impersonate users via unknown vectors. | 7.5 |
2013-01-17 | CVE-2013-0632 | Information Exposure vulnerability in Adobe Coldfusion administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative web interface, as exploited in the wild in January 2013. | 10.0 |
2013-01-09 | CVE-2013-0629 | Permissions, Privileges, and Access Controls vulnerability in Adobe Coldfusion Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013. | 4.3 |
2013-01-09 | CVE-2013-0625 | Credentials Management vulnerability in Adobe Coldfusion Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013. | 6.8 |
2012-12-12 | CVE-2012-5675 | Permissions, Privileges, and Access Controls vulnerability in Adobe Coldfusion Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to bypass intended shared-hosting sandbox permissions via unspecified vectors. | 4.4 |
2012-11-20 | CVE-2012-5674 | Unspecified vulnerability in Adobe Coldfusion 10.0 Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when Internet Information Services (IIS) is used, allows attackers to cause a denial of service via unknown vectors. network adobe | 7.1 |
2012-09-12 | CVE-2012-2048 | Local Denial of Service vulnerability in Adobe ColdFusion Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors. | 5.0 |