Information disclosure in Macromedia Coldfusion
CVE-2003-1469
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path…
Vulnerability class: Information Disclosure
EPSS: 0.062 (92.6th percentile) — read the EPSS interpretation.
Affected products
- Macromedia Coldfusion — versions 6.0
- Macromedia Coldfusion_professional
- Microsoft Windows_2000
- Microsoft Windows_nt
- Microsoft Windows_xp
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_SREASON, third-party-advisory)