Lucene search
MitreCVE-1999-0455HistoryFeb 04, 2000 - 5:00 a.m.
CVE-1999-0455
2000-02-0405:00:00
mitre
web.nvd.nist.gov
33
20
cve-1999-0455
coldfusion
remote attack
server access
file deletion
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.007
Percentile
80.2%
The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.
Affected configurations
Node
allairecoldfusion_serverMatch4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| allaire | coldfusion_server | 4.0 | cpe:2.3:a:allaire:coldfusion_server:4.0:*:*:*:*:*:*:* |
References
Social References
More
Related
nvd
nvd
CVE-1999-0455
1999-12-25 05:00:00
cvelist
cvelist
CVE-1999-0455
2000-02-04 05:00:00
exploitdb
exploitdb
nessus
nessus
ColdFusion Multiple Vulnerabilities (File Upload/Manipulation)
1999-07-09 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.007
Percentile
80.2%
Related for CVE-1999-0455