ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" (question mark) character.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://marc.info/?l=bugtraq&m=112309656102615&w=2 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2005-08-05T04:00:00
Updated: 2024-08-07T22:30:01.748Z
Reserved: 2005-08-05T00:00:00
Link: CVE-2005-2481

No data.

Status : Modified
Published: 2005-08-05T04:00:00.000
Modified: 2024-11-20T23:59:39.460
Link: CVE-2005-2481

No data.