) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:adobe:coldfusion:9.0.2:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2013-0631 |
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013. Published: January 08, 2013; 8:55:03 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2013-0629 |
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013. Published: January 08, 2013; 8:55:03 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2013-0625 |
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013. Published: January 08, 2013; 8:55:00 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2012-5675 |
Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to bypass intended shared-hosting sandbox permissions via unspecified vectors. Published: December 12, 2012; 6:38:44 AM -0500 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
| CVE-2012-2048 |
Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors. Published: September 12, 2012; 6:38:33 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2011-0733 |
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file. Published: February 01, 2011; 1:00:03 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |