Cold Fusion Vulnerabilities

Updated 8/8/01

Impact

Various vulnerabilities in the sample scripts included in Cold Fusion could be exploited to read arbitrary files, upload files, or create a denial of service.

Note: The red stoplight on this page indicates the highest possible severity level for this category of vulnerabilities. To determine the severity level in this case, refer to the colored dot beside the link to this tutorial on the previous page.

Background

The remainder of this tutorial is only available with the purchase of SAINTwriter™ or SAINTexpress™.

The Problems

Resolutions

Where can I read more about this?