CVE-1999-0477 - CVE Details

Description

The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

allaire - coldfusion_server

Affected Versions:

allaire - coldfusion_server

Affected Versions:

allaire - coldfusion_server

Affected Versions:

3.01

allaire - coldfusion_server

Affected Versions:

3.11

allaire - coldfusion_server

Affected Versions:

3.12

allaire - coldfusion_server

Affected Versions:

References

http://www.securityfocus.com/bid/115
PatchVendor Advisory
http://www.securityfocus.com/bid/115
PatchVendor Advisory