NuytsTech Security

CVE-2004-0928

by ·

The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".

Date published : 2005-04-21

http://www.securityfocus.com/bid/11245

http://marc.info/?l=bugtraq&m=109621995623823&w=2

Tags: