CVE-2003-1469

Published: Dec 31, 2003Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.

Affected (4)

Products: Macromedia: Coldfusion, Coldfusion Professional

2 products

Coldfusion Professional

Configuration A

4 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Macromedia Coldfusion	All versions
Macromedia Coldfusion	All versions
Macromedia Coldfusion	Version 6.0
Macromedia Coldfusion Professional	All versions

Running on/with	Platform Versions
Microsoft Windows 2000	All versions
Microsoft Windows Nt	All versions
Microsoft Windows Xp	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://securityreason.com/securityalert/3307

Source: cve@mitre.org

http://www.nii.co.in/vuln/pdmac.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/319867

Source: cve@mitre.org

http://www.securityfocus.com/bid/7443

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/11879

Source: cve@mitre.org

http://securityreason.com/securityalert/3307

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.nii.co.in/vuln/pdmac.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/319867

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/7443

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/11879

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.