ID

VAR-200301-0038


TITLE

Macromedia ColdFusion MX CFInclude and CFModule Mark Sandbox Security Check Bypass Vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2013-15471

DESCRIPTION

Macromedia ColdFusion MX is an efficient, easy-to-use web application server and development environment based on standard Java technology. It can be integrated with XML, Web Services, and the Microsoft .NET environment. ColdFusion MX does not properly handle the cfinclude and cfmodule tags, and remote attackers can exploit this vulnerability to gain unauthorized access to system files. The <cfinclude> and <cfmodule> tags take filenames given as relative paths as arguments, and ColdFusion MX does not perform Sandbox security file/directory permission checks when files are included through these tags, so a malicious template built with these tags can gain unauthorized access to data. A vulnerability in the use of the cfinclude and cfmodule tags exists in ColdFusion MX. In environments that are sandboxed, it may be possible for a script to access files outside of the sandboxed directory. This could lead to unauthorized access to files on the host.

Trust: 0.81

sources: CNVD: CNVD-2013-15471 // BID: 6566

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-15471

AFFECTED PRODUCTS

vendor: no, model: -, scope: -, version: -

Trust: 0.6

vendor: macromedia, model: coldfusion server mx enterprise, scope: -, version: -

Trust: 0.3

sources: CNVD: CNVD-2013-15471 // BID: 6566

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2013-15471
value: HIGH

Trust: 0.6

CNVD: CNVD-2013-15471
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2013-15471

THREAT TYPE

network

Trust: 0.3

sources: BID: 6566

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 6566

PATCH

title: Macromedia ColdFusion MX CFInclude and CFModule Mark Sandbox Security Check for Vulnerability Patches
url: https://www.cnvd.org.cn/patchinfo/show/41886

Trust: 0.6

sources: CNVD: CNVD-2013-15471

EXTERNAL IDS

db: BID, id: 6566

Trust: 0.9

db: CNVD, id: CNVD-2013-15471

Trust: 0.6

sources: CNVD: CNVD-2013-15471 // BID: 6566

REFERENCES

url: http://www.macromedia.com/v1/handlers/index.cfm?id=23638

Trust: 0.9

url: http://www.macromedia.com

Trust: 0.3

sources: CNVD: CNVD-2013-15471 // BID: 6566

CREDITS

Vulnerability discovery credited to Jochem van Dieten.

Trust: 0.3

sources: BID: 6566

SOURCES

db: CNVD, id: CNVD-2013-15471
db: BID, id: 6566

LAST UPDATE DATE

2022-05-17T01:47:38.795000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2013-15471, date: 2013-12-23T00:00:00
db: BID, id: 6566, date: 2003-01-09T00:00:00

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2013-15471, date: 2003-01-10T00:00:00
db: BID, id: 6566, date: 2003-01-09T00:00:00