7.2
CVE-2007-1874
- EPSS 0.84%
- Veröffentlicht 11.04.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:28
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Adobe ColdFusion MX 7 for Linux and Solaris uses insecure permissions for certain scripts and directories, which allows local users to execute arbitrary code or obtain sensitive information via the (1) CFMX7DreamWeaverExtensions.mxp, (2) CFReportBuilderInstaller.exe, (3) .com.zerog.registry.xml, (4) uninstall.lax, (5) license.txt, (6) Readme.htm, (7) .com.zerog.registry.xml, (8) k2adminstop, or (9) k2adminstart files; or (10) certain files in lib/wsconfig/.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Coldfusion Version7.0 Editionlinux
Adobe ≫ Coldfusion Version7.0 Editionsolaris
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.84% | 0.534 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=510
http://osvdb.org/34930
http://secunia.com/advisories/24850
http://www.adobe.com/support/security/bulletins/apsb07-08.html
http://www.securityfocus.com/bid/23405
http://www.securitytracker.com/id?1017899
http://www.vupen.com/english/advisories/2007/1341
https://exchange.xforce.ibmcloud.com/vulnerabilities/33571