virus logo Intrusion Prevention

Adobe.ColdFusion.Scheduled.Task.Arbitrary.File.Upload

description-logoDescription

This indicates an attack attempt against an arbitrary File Upload vulnerability in the Adobe ColdFusion.
The vulnerability is caused by an error when the vulnerable software handles a malicious HTTP request with a crafted URI. It allows a remote attacker to upload an arbitrary file via sending a crafted URI to a vulnerable application.

affected-products-logoAffected Products

Adobe ColdFusion 10
Adobe ColdFusion 9
Adobe ColdFusion 8
Adobe ColdFusion 7

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's website for suggested solution.
http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://www.adobe.com/support/security/bulletins/apsb13-03.html http://www.adobe.com/support/security/bulletins/apsb13-03.html http://www.carehart.org/blog/client/index.cfm/2013/1/2/Part2_serious_security_threat http://www.carehart.org/blog/client/index.cfm/2013/1/2/serious_security_threat
ID 34346
Created Jan 09, 2013
Updated Nov 23, 2016
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS All
Affected App Adobe