NVD

Id
14295  
Name
CVE-2010-2861  
Description
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2010-08-11  
Modified Date
2013-09-23  
Seq
2010-2861  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
79045 14295 CVE-2010-2861 8137  View
79046 14295 CVE-2010-2861 8148  View
79047 14295 CVE-2010-2861 http://www.adobe.com/support/security/bulletins/apsb10-18.html  View
79048 14295 CVE-2010-2861 http://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/  View
79049 14295 CVE-2010-2861 http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-07  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
36120 JVNDB-2010-001900 Adobe ColdFusion の administrator コンソールにおけるディレクトリトラバーサルの脆弱性 Adobe ColdFusion の administrator コンソールには、CFIDE/administrator/ 内にあるCFIDE/administrator/settings/mappings.cfm、logging/settings.cfm、 datasources/index.cfm、j2eepackaging/editarchive.cfm および enter.cfm のローカルパラメーターに関する処理に不備があるため、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2010-2861 45441 CVE-2010-2861 14295 7.5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001900.html 2010-08-10 2010-08-31 View