Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2004-0928 |
Description: | The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm". |
Test IDs: | None available |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0928 BugTraq ID: 11245 http://www.securityfocus.com/bid/11245 Bugtraq: 20040923 New Macromedia Security Zone Bulletins Posted (Google Search) http://marc.info/?l=bugtraq&m=109621995623823&w=2 CERT/CC vulnerability note: VU#977440 http://www.kb.cert.org/vuls/id/977440 http://www.idefense.com/application/poi/display?id=148&type=vulnerabilities http://secunia.com/advisories/12638/ http://secunia.com/advisories/12647/ XForce ISS Database: coldfusion-jrun-restriction-bypass(17484) https://exchange.xforce.ibmcloud.com/vulnerabilities/17484 |