- EPSS 3.64%
- Veröffentlicht 12.09.2012 10:38:33
- Zuletzt bearbeitet 16.06.2026 23:40:51
Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors.
CVE-2012-2041
- EPSS 1.86%
- Veröffentlicht 13.06.2012 04:46:46
- Zuletzt bearbeitet 16.06.2026 23:40:50
CRLF injection vulnerability in the Component Browser in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
- EPSS 2.96%
- Veröffentlicht 13.03.2012 22:55:01
- Zuletzt bearbeitet 16.06.2026 23:38:13
Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ...
CVE-2011-4368
- EPSS 2.39%
- Veröffentlicht 14.12.2011 11:55:07
- Zuletzt bearbeitet 16.06.2026 23:34:51
Cross-site scripting (XSS) vulnerability in Remote Development Services (RDS) in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2463
- EPSS 2.39%
- Veröffentlicht 14.12.2011 11:55:06
- Zuletzt bearbeitet 16.06.2026 23:31:23
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the cfform tag.
CVE-2011-0629
- EPSS 1.44%
- Veröffentlicht 16.06.2011 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:27:46
Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
- EPSS 3.29%
- Veröffentlicht 16.06.2011 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:30:40
Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to cause a denial of service via unknown vectors.
CVE-2011-0583
- EPSS 2.57%
- Veröffentlicht 10.02.2011 16:00:33
- Zuletzt bearbeitet 16.06.2026 23:27:41
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via the cfform tag.
CVE-2011-0584
- EPSS 2.55%
- Veröffentlicht 10.02.2011 16:00:33
- Zuletzt bearbeitet 16.06.2026 23:27:41
Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2011-0580
- EPSS 2.55%
- Veröffentlicht 10.02.2011 16:00:32
- Zuletzt bearbeitet 16.06.2026 23:27:40
Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.