CVE

Id
3924  
CVE No.
CVE-2001-1120  
Status
Candidate  
Description
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.  
Phase
Modified (20040811)  
Votes
ACCEPT(7) Armstrong, Baker, Cole, Foat, Frech, Green, Ziese | NOOP(1) Christey | REVIEWING(1) Wall  
Comments
Green> Acknowledged by vendor in Macromedia Product Security Bulletin (MPSB01-07) issued in July, 2001 | Foat> Note that the link to the confirm should be | http://www.macomedia.com/v1/handlers/index.cfm?id=21566. | Christey> Add period to the end of the description.  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
18044 3924 CVE-2001-1120 CONFIRM:http://www.allaire.com/handlers/index.cfm?id=21566  View
18045 3924 CVE-2001-1120 CERT-VN:VU#135531  View
18046 3924 CVE-2001-1120 URL:http://www.kb.cert.org/vuls/id/135531  View
18047 3924 CVE-2001-1120 BUGTRAQ:20010712 New Cold Fusion vulnerability  View
18048 3924 CVE-2001-1120 URL:http://www.securityfocus.com/archive/1/196452  View
18049 3924 CVE-2001-1120 XF:coldfusion-unauthorized-file-access(6839)  View
18050 3924 CVE-2001-1120 URL:http://xforce.iss.net/static/6839.php  View
18051 3924 CVE-2001-1120 BID:3018  View

Related JVN