CVE Vulnerabilities

CVE-2004-0928

Published: Oct 05, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ;.cfm.

Affected Software

Name Vendor Start Version End Version
Cosminexus_enterprise Hitachi 01_01_1 (including) 01_01_1 (including)
Cosminexus_enterprise Hitachi 01_02_2 (including) 01_02_2 (including)
Cosminexus_server Hitachi web_01-01_1 (including) web_01-01_1 (including)
Cosminexus_server Hitachi web_01-01_2 (including) web_01-01_2 (including)
Coldfusion Macromedia 6.0 (including) 6.0 (including)
Coldfusion Macromedia 6.1 (including) 6.1 (including)
Jrun Macromedia 3.0 (including) 3.0 (including)
Jrun Macromedia 3.1 (including) 3.1 (including)
Jrun Macromedia 4.0 (including) 4.0 (including)

References