Macromedia ColdFusion MX 6.0 - Error Message Full Path Disclosure

EDB-ID:

22544




Platform:

CFM

Date:

2003-04-26


source: https://www.securityfocus.com/bid/7443/info

A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers.

When certain malformed URL requests are received by the server, an error message is returned containing the full path of the ColdFusion installation.

http://host:8500/CFIDE/probe.cfm