Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Coldfusion | Adobe | 9.0.2 | 9.0.2 |
Coldfusion | Adobe | 9.0 | 9.0 |
Coldfusion | Adobe | 10.0 | 10.0 |
Coldfusion | Adobe | 9.0.1 | 9.0.1 |