CVE Vulnerabilities

CVE-2000-0189

Published: Mar 01, 2000 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files.

Affected Software

Name Vendor Start Version End Version
Coldfusion_server Allaire 4.0 4.0
Coldfusion_server Allaire 4.0.1 4.0.1
Coldfusion_server Allaire 4.5 4.5

References