Vulnerability in Macromedia Coldfusion
CVE-2005-1022
ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information.
EPSS: 0.017 (74.1th percentile) — read the EPSS interpretation.
Affected products
- Macromedia Coldfusion — versions 6.1
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)