Lucene search

MitreCVE-2001-1427

HistoryMar 22, 2005 - 5:00 a.m.

CVE-2001-1427

2005-03-2205:00:00

mitre

web.nvd.nist.gov

coldfusion server

vulnerability

remote attack

template overwrite

cve-2001-1427

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.01

Percentile

83.5%

JSON

Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors.

Affected configurations

Nvd

Node

macromediacoldfusionMatch2.0

macromediacoldfusionMatch3.0

macromediacoldfusionMatch3.0.1

macromediacoldfusionMatch3.1

macromediacoldfusionMatch3.1.1

macromediacoldfusionMatch3.1.2

macromediacoldfusionMatch4.0

macromediacoldfusionMatch4.0.1

macromediacoldfusionMatch4.5

macromediacoldfusionMatch4.5.1

macromediacoldfusionMatch4.5.1sp1

macromediacoldfusionMatch4.5.1sp2

VendorProductVersionCPE
macromediacoldfusion2.0cpe:2.3:a:macromedia:coldfusion:2.0:*:*:*:*:*:*:*
macromediacoldfusion3.0cpe:2.3:a:macromedia:coldfusion:3.0:*:*:*:*:*:*:*
macromediacoldfusion3.0.1cpe:2.3:a:macromedia:coldfusion:3.0.1:*:*:*:*:*:*:*
macromediacoldfusion3.1cpe:2.3:a:macromedia:coldfusion:3.1:*:*:*:*:*:*:*
macromediacoldfusion3.1.1cpe:2.3:a:macromedia:coldfusion:3.1.1:*:*:*:*:*:*:*
macromediacoldfusion3.1.2cpe:2.3:a:macromedia:coldfusion:3.1.2:*:*:*:*:*:*:*
macromediacoldfusion4.0cpe:2.3:a:macromedia:coldfusion:4.0:*:*:*:*:*:*:*
macromediacoldfusion4.0.1cpe:2.3:a:macromedia:coldfusion:4.0.1:*:*:*:*:*:*:*
macromediacoldfusion4.5cpe:2.3:a:macromedia:coldfusion:4.5:*:*:*:*:*:*:*
macromediacoldfusion4.5.1cpe:2.3:a:macromedia:coldfusion:4.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
macromedia	coldfusion	2.0	cpe:2.3:a:macromedia:coldfusion:2.0:::::::*
macromedia	coldfusion	3.0	cpe:2.3:a:macromedia:coldfusion:3.0:::::::*
macromedia	coldfusion	3.0.1	cpe:2.3:a:macromedia:coldfusion:3.0.1:::::::*
macromedia	coldfusion	3.1	cpe:2.3:a:macromedia:coldfusion:3.1:::::::*
macromedia	coldfusion	3.1.1	cpe:2.3:a:macromedia:coldfusion:3.1.1:::::::*
macromedia	coldfusion	3.1.2	cpe:2.3:a:macromedia:coldfusion:3.1.2:::::::*
macromedia	coldfusion	4.0	cpe:2.3:a:macromedia:coldfusion:4.0:::::::*
macromedia	coldfusion	4.0.1	cpe:2.3:a:macromedia:coldfusion:4.0.1:::::::*
macromedia	coldfusion	4.5	cpe:2.3:a:macromedia:coldfusion:4.5:::::::*
macromedia	coldfusion	4.5.1	cpe:2.3:a:macromedia:coldfusion:4.5.1:::::::*

Rows per page:

1-10 of 121

References

www.kb.cert.org/vuls/id/321475

www.macromedia.com/devnet/security/security_zone/mpsb01-07.html

www.securityfocus.com/bid/3023

exchange.xforce.ibmcloud.com/vulnerabilities/6840

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.01

Percentile

83.5%

JSON

Related for CVE-2001-1427