ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2019-06-12T15:13:45
Updated: 2024-08-04T21:02:18.936Z
Reserved: 2019-02-12T00:00:00
Link: CVE-2019-7838
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-06-12T16:29:00.347
Modified: 2020-09-04T14:21:52.023
Link: CVE-2019-7838
Redhat
No data.