CERTA-2007-AVI-125
Vulnerability from certfr_avis
Une vulnérabilité dans Adobe JRun et ColdFusion MX permet à un attaquant d'effectuer un déni de service à distance.
Description
Une vulnérabilité au niveau du connecteur IIS 6 dans Adobe JRun et ColdFusion MX permet à une personne malintentionnée d'effecuter un déni de service à distance. Les versions standard de ColdFusion MX 6.1 et ColdFusion MX 7.0 ne sont pas affectées.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | ColdFusion | Adobe ColdFusion MX 6.1 Enterprise avec l'option J2EE déployé sur JRun Updater 6. | ||
| Adobe | ColdFusion | Adobe ColdFusion MX 7.0 Enterprise Edition avec l'option Multi-Server ; | ||
| Adobe | ColdFusion | Adobe JRun 4.0 Updater 6 ; |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe ColdFusion MX 6.1 Enterprise avec l\u0027option J2EE d\u00e9ploy\u00e9 sur JRun Updater 6.",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe ColdFusion MX 7.0 Enterprise Edition avec l\u0027option Multi-Server ;",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe JRun 4.0 Updater 6 ;",
"product": {
"name": "ColdFusion",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 au niveau du connecteur IIS 6 dans Adobe JRun et\nColdFusion MX permet \u00e0 une personne malintentionn\u00e9e d\u0027effecuter un d\u00e9ni\nde service \u00e0 distance. Les versions standard de ColdFusion MX 6.1 et\nColdFusion MX 7.0 ne sont pas affect\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-1278",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1278"
}
],
"initial_release_date": "2007-03-14T00:00:00",
"last_revision_date": "2007-03-14T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB07-07 du 13 mars 2007 :",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-07.html"
}
],
"reference": "CERTA-2007-AVI-125",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-03-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans Adobe JRun et ColdFusion MX permet \u00e0 un attaquant\nd\u0027effectuer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Adobe JRun et ColdFusion MX",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 APSB07-07 d\u0027Adobe du 13 mars 2007",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…