CVE-2011-0584

Severity

43%

Complexity

86%

Confidentiality

48%

Per: http://cwe.mitre.org/data/definitions/384.html 'CWE-384: Session Fixation'

Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to hijack web sessions via unspecified vectors.

Per: http://cwe.mitre.org/data/definitions/384.html 'CWE-384: Session Fixation'

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Overview

Type

Adobe ColdFusion

First reported 14 years ago

2011-02-10 16:00:00

Last updated 7 years ago

2017-08-17 01:33:00

Affected Software

アドビシステムズ ColdFusion 8.0

8.0

Adobe ColdFusion 8.0.1

8.0.1

Adobe ColdFusion 9.0

9.0

Adobe ColdFusion 9.0.1

9.0.1

References

43264

http://www.adobe.com/support/security/bulletins/apsb11-04.html

Patch, Vendor Advisory

46278

1025036

ADV-2011-0334

adobe-coldfusion-session-hijacking(65280)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.