Search criteria
2 vulnerabilities found for coldfusion_server by macromedia
CVE-2001-0535 (GCVE-0-2001-0535)
Vulnerability from nvd – Published: 2001-10-12 04:00 – Updated: 2024-08-08 04:21
VLAI?
Summary
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:38.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MPSB01-08",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www.allaire.com/Handlers/index.cfm?ID=21700"
},
{
"name": "20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/alerts/advise92.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host\u0027s domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the \"HTTP Host\" (CGI.Host) variable in (1) the \"Web Publish\" example script, and (2) the \"Email\" example script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-04-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MPSB01-08",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www.allaire.com/Handlers/index.cfm?ID=21700"
},
{
"name": "20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/alerts/advise92.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0535",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host\u0027s domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the \"HTTP Host\" (CGI.Host) variable in (1) the \"Web Publish\" example script, and (2) the \"Email\" example script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MPSB01-08",
"refsource": "ALLAIRE",
"url": "http://www.allaire.com/Handlers/index.cfm?ID=21700"
},
{
"name": "20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications",
"refsource": "ISS",
"url": "http://xforce.iss.net/alerts/advise92.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0535",
"datePublished": "2001-10-12T04:00:00",
"dateReserved": "2001-06-28T00:00:00",
"dateUpdated": "2024-08-08T04:21:38.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0535 (GCVE-0-2001-0535)
Vulnerability from cvelistv5 – Published: 2001-10-12 04:00 – Updated: 2024-08-08 04:21
VLAI?
Summary
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:38.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MPSB01-08",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www.allaire.com/Handlers/index.cfm?ID=21700"
},
{
"name": "20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/alerts/advise92.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host\u0027s domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the \"HTTP Host\" (CGI.Host) variable in (1) the \"Web Publish\" example script, and (2) the \"Email\" example script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-04-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MPSB01-08",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www.allaire.com/Handlers/index.cfm?ID=21700"
},
{
"name": "20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/alerts/advise92.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0535",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host\u0027s domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the \"HTTP Host\" (CGI.Host) variable in (1) the \"Web Publish\" example script, and (2) the \"Email\" example script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MPSB01-08",
"refsource": "ALLAIRE",
"url": "http://www.allaire.com/Handlers/index.cfm?ID=21700"
},
{
"name": "20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications",
"refsource": "ISS",
"url": "http://xforce.iss.net/alerts/advise92.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0535",
"datePublished": "2001-10-12T04:00:00",
"dateReserved": "2001-06-28T00:00:00",
"dateUpdated": "2024-08-08T04:21:38.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}