Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Coldfusion_server | Allaire | 2.0 (including) | 2.0 (including) |
Coldfusion_server | Allaire | 3.0 (including) | 3.0 (including) |
Coldfusion_server | Allaire | 3.0.1 (including) | 3.0.1 (including) |
Coldfusion_server | Allaire | 3.1 (including) | 3.1 (including) |
Coldfusion_server | Allaire | 3.1.1 (including) | 3.1.1 (including) |
Coldfusion_server | Allaire | 3.1.2 (including) | 3.1.2 (including) |
Coldfusion_server | Allaire | 4.0 (including) | 4.0 (including) |
Coldfusion_server | Allaire | 4.0.1 (including) | 4.0.1 (including) |
Coldfusion_server | Allaire | 4.5 (including) | 4.5 (including) |
Coldfusion_server | Allaire | 4.5.1 (including) | 4.5.1 (including) |
Coldfusion_server | Allaire | 4.5.1_sp1 (including) | 4.5.1_sp1 (including) |
Coldfusion_server | Allaire | 4.5.1_sp2 (including) | 4.5.1_sp2 (including) |