|
|
CVE Reference: CVE-2006-5858 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5858 |
|
|
Description: Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/31411 ST 1017490 SAID Secunia Advisory: SA23668 OSVDB 32123 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=466 CONFIRM http://www.adobe.com/support/security/bulletins/apsb07-02.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/457799/100/0/threaded BID 21978 |
|
| Return to the previous page. |
