|
Allaire ColdFusion Remote File Display, Deletion, Upload and Execution Vulnerability
Solution: Use one of the following solutions: 1. Remove the documentation directory (CFDOCS) from the server (this will not affect functionality of the server). 2. Install the ColdFusion Server 4.0.1 Update, available for download from the DevCenter: http://www.allaire.com/developer (Note the 4.0.1 Update requires ColdFusion Server 4.0.) 3: For versions of ColdFusion prior to 4.0, Allaire has released a patch that requires requests for the .cfm files in question to originate from the local host in order to be processed. Allaire ColdFusion Server 2.0
Allaire ColdFusion Server 3.0
Allaire ColdFusion Server 3.0.1
Allaire ColdFusion Server 3.1
Allaire ColdFusion Server 3.1.1
Allaire ColdFusion Server 3.1.2
Allaire ColdFusion Server 4.0
|
|
 Privacy Statement |
