


Category:   Application (Web Server/CGI)  >   Adobe ColdFusion
Vendors:   Macromedia
ColdFusion MX May Disclose Source Code to Remote Users
SecurityTracker Alert ID:  1011405
CVE Reference:   CVE-2004-0928
Updated:  Oct 5 2004
Original Entry Date:  Sep 24 2004
Impact:   Disclosure of system information, Disclosure of user information, Not specified
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): ColdFusion MX 6.0, 6.1, 6.1 J2EE - JRun
Description:   Two vulnerabilities were reported in ColdFusion MX. A remote user can view the source code of certain files on the system. The impact of a buffer overflow was not specified.

The vendor reported that a remote user can submit a specially crafted request ending with the ';.cfm' string to cause the underlying JRun server to show the source for certain files on the system. Files that are not associated with Macromedia extensions (e.g., '.php', '.asp', '.pl') are affected.

The vendor indicates that only the Microsoft IIS connector is affected by this vulnerability.
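As an added defender-side illustration (not part of the advisory), the following Python scans IIS W3C log lines for requests carrying the ';.cfm' suffix described above and separates those that target non-ColdFusion files from those that merely carry the suffix. The log lines and the set of connector-handled extensions are constructed assumptions for the example.

```python
import re
from urllib.parse import unquote

# Extensions assumed to be handled by the ColdFusion/JRun connector itself.
# This set is an assumption for the example, not taken from the advisory.
CONNECTOR_EXTENSIONS = {"cfm", "cfml", "cfc", "jsp"}

# Constructed sample lines in a reduced IIS W3C layout:
# date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = """\
2004-09-24 10:01:02 192.0.2.10 GET /index.cfm - 200
2004-09-24 10:01:05 192.0.2.10 GET /admin/config.php;.cfm - 200
2004-09-24 10:01:09 192.0.2.11 GET /scripts/report.pl;.cfm - 200
2004-09-24 10:01:12 192.0.2.12 GET /app/login.cfm;.cfm - 200
2004-09-24 10:01:15 192.0.2.13 GET /images/logo.gif - 200
"""

LINE_RE = re.compile(r"^(\S+ \S+) (\S+) (\S+) (\S+) (\S+) (\d{3})$")
SUFFIX = ";.cfm"


def classify_path(uri_stem):
    """Return None for a benign path, otherwise a short reason string."""
    path = unquote(uri_stem)
    if not path.lower().endswith(SUFFIX):
        return None
    inner = path[: -len(SUFFIX)]          # the file the request really names
    last_segment = inner.rsplit("/", 1)[-1]
    ext = last_segment.rsplit(".", 1)[-1].lower() if "." in last_segment else ""
    if ext and ext not in CONNECTOR_EXTENSIONS:
        return f"probable source disclosure of .{ext} file"
    return "suspicious ';.cfm' suffix on connector-handled path"


def scan_log(text):
    """Parse W3C-style lines and return one finding dict per flagged request."""
    hits = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                      # skip comments / malformed lines
        ts, ip, method, stem, query, status = m.groups()
        reason = classify_path(stem)
        if reason:
            hits.append({"time": ts, "client": ip, "method": method,
                         "path": stem, "status": int(status), "reason": reason})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit["time"], hit["client"], hit["path"], "->", hit["reason"])
```

A 200 status on a flagged non-ColdFusion path is the strongest signal, since a patched or correctly configured connector should not serve the file's contents.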

It is also reported that if the 'verbose' logging debug mode is enabled on the JRun web server connectors, a remote user can trigger a buffer overflow. In the default setting for verbose logging (disabled), the system is not vulnerable to the buffer overflow. The impact was not specified.

The vendor-assigned severity rating is 'Critical'.

The vendor was notified on July 8, 2004.

Macromedia credits iDEFENSE with reporting these flaws.

Impact:   A remote user can view the source code of certain types of files on the system.

The impact was not specified for the buffer overflow vulnerability.

Solution:   The vendor has described some configuration changes to prevent these vulnerabilities, available at:

Cause:   Access control error, Boundary error
Underlying OS:  Linux (Any), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000), Windows (XP)

Message History:   None.

Source Message Contents

[Original Message Not Available for Viewing]
