Main Vulnerability Database Vulnerabilities #VU45343

Input validation error in ColdFusion - CVE-2011-0582

Published: February 10, 2011 / Updated: August 11, 2020

Vulnerability identifier: #VU45343

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2011-0582

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Adobe

Affected software:
ColdFusion

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Unspecified vulnerability in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allows attackers to obtain sensitive information via unknown vectors.

How to mitigate CVE-2011-0582

Install update from vendor's website.

Sources

http://secunia.com/advisories/43264
http://www.adobe.com/support/security/bulletins/apsb11-04.html
http://www.securityfocus.com/bid/46274
http://www.securitytracker.com/id?1025036
http://www.vupen.com/english/advisories/2011/0334
https://exchange.xforce.ibmcloud.com/vulnerabilities/65278

Input validation error in ColdFusion - CVE-2011-0582

Detailed vulnerability description

How to mitigate CVE-2011-0582

Sources

Please verify you're human