Short Name |
APP:COLDFUSIONMX-ACC |
---|---|
Severity |
Info |
Recommended |
No |
Category |
APP |
Keywords |
Macromedia ColdFusion MX Path Disclosure |
Release Date |
2005/08/03 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to access the fileprobe.cfm. With default settings, Macromedia ColdFusion MX will return an error message containing the full path of the ColdFusion software. Versions 6.x are vulnerable.
A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers. When certain malformed URL requests are received by the server, an error message is returned containing the full path of the ColdFusion installation.