Weekly Vulnerabilities Reports > January 7 to 13, 2013
Overview
3 new vulnerabilities reported during this period, including 1 critical vulnerabilities and 2 high severity vulnerabilities. This weekly summary report vulnerabilities in 1 products from 1 vendors including and Adobe. Vulnerabilities are notably categorized as and "Improper Authentication".
- 3 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 3 reported vulnerabilities are exploitable by an anonymous user.
- Adobe has the most reported vulnerabilities, with 3 reported vulnerabilities.
- Adobe has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
1 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-01-09 | CVE-2013-0625 | Adobe | Improper Authentication vulnerability in Adobe Coldfusion 9.0/9.0.1/9.0.2 Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013. | 9.8 |
2 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2013-01-09 | CVE-2013-0631 | Adobe | Unspecified vulnerability in Adobe Coldfusion 9.0/9.0.1/9.0.2 Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013. | 7.5 |
2013-01-09 | CVE-2013-0629 | Adobe | Unspecified vulnerability in Adobe Coldfusion Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013. | 7.5 |
0 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|