Main Vulnerability Database SB2016090703

SB2016090703 - Information disclosure in Adobe ColdFusion

Published: September 7, 2016

Security Bulletin ID SB2016090703

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Information disclosure (CVE-ID: CVE-2016-4264)

The vulnerability allows attackers to gain access to potentially sensitive data.

The vulnerability exists due to flaw in XML objects analysis engine. A remote attacker supply specially crafted XML data and obtain potentilally sensitive information.

Successful exploitation of this vulnerability will allow an attacker to obtain sensitive information.

Remediation

Install update from vendor's website.

SB2016090703 - Information disclosure in Adobe ColdFusion

Breakdown by Severity

Description

Remediation

References

Please verify you're human