This indicates an attack attempt against a directory-traversal vulnerability in Adobe ColdFusion.
A vulnerability has been reported in ColdFusion that may allow an attacker to disclose the contents of arbitrary files via directory traversal on a vulnerable system. This is possible because the user input filters fail to properly sanitize the "locale" parameter value that is passed to administrator interface. An attacker may gain sensitive information by sending a craft http request.
ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 and earlier versions for Windows, Macintosh and UNIX
Information Disclosure: Remote attackers can gain gain sensitive information from vulnerable systems.
Refer to the vendor's web site for the suggested workaround: