Hotfixes released for new ColdFusion & Jrun XSS exploits
Adobe has just released hotfix updates here to address recently discovered cross-site scripting vulnerabilities in ColdFusion 7 / 8 and JRun 4.0 servers, some of which would allow an attacker to retrieve CF admin login details from an unsuspecting administrator. Details of some of these ColdFusion vulnerabilities have been posted here by Digital Security Research Group and include XSS vulnerabilities in the following CFIDE scripts:
- searchlog.cfm: vulnerable parameter startRow
- _logintowizard.cfm: attacker can inject XSS via the URL string
- _authenticatewizarduser.cfm: attacker can inject XSS via the URL string
An attacker can use the vulnerable URL parameters in these scripts to inject JavaScript that is then executed in the browser of an unsuspecting CF administrator.
JRun server vulnerabilities are also patched in the updates, including:
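As an added example (not code from this post or from Adobe), the following Python script shows how a defender could sweep web-server access logs for requests to the CFIDE scripts named above whose query strings carry script-injection markers, including double-encoded ones; the /CFIDE/... directories, the parameter names and the log lines are constructed for illustration.

```python
import re
import urllib.parse

# Script names taken from the advisory; the /CFIDE/... directories and the
# parameter names in the sample log are constructed, so matching is done on
# the script file name only.
WATCHED_SCRIPTS = {"searchlog.cfm", "_logintowizard.cfm", "_authenticatewizarduser.cfm"}

# Crude markers of HTML/script injection, intended for triage rather than blocking.
XSS_MARKERS = re.compile(r"<\s*(script|img|iframe|svg)\b|javascript:|\bon[a-z]+\s*=", re.I)

# Common Log Format: client ident user [timestamp] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def flag_request(line):
    """Return a finding for a request to a watched CFIDE script whose query
    string carries an injection marker, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path, _, query = m["target"].partition("?")
    script = path.rsplit("/", 1)[-1].lower()
    if script not in WATCHED_SCRIPTS:
        return None
    hits = {}
    # parse_qs percent-decodes once; decode again so double-encoded payloads
    # (%253C -> %3C -> <) are not missed.
    for name, values in urllib.parse.parse_qs(query, keep_blank_values=True).items():
        for value in values:
            decoded = urllib.parse.unquote(value)
            if XSS_MARKERS.search(decoded):
                hits[name] = decoded
    return {"ip": m["ip"], "time": m["ts"], "script": script, "params": hits} if hits else None

def scan(lines):
    """Run flag_request over an iterable of log lines and keep the findings."""
    return [f for f in map(flag_request, lines) if f]

# Constructed sample access-log lines (not real traffic): one benign request to
# searchlog.cfm, one encoded and one double-encoded payload, one unrelated hit.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Nov/2009:10:01:02 +0000] "GET /CFIDE/administrator/searchlog.cfm?startRow=1 HTTP/1.1" 200 1532',
    '198.51.100.7 - - [12/Nov/2009:10:02:15 +0000] "GET /CFIDE/administrator/searchlog.cfm?startRow=1%22%3E%3Cscript%3Ex%3C/script%3E HTTP/1.1" 200 1610',
    '198.51.100.7 - - [12/Nov/2009:10:03:40 +0000] "GET /CFIDE/wizards/common/_logintowizard.cfm?returnurl=%253Cscript%253Ex%253C/script%253E HTTP/1.1" 200 804',
    '10.0.0.9 - - [12/Nov/2009:10:05:00 +0000] "GET /index.cfm?id=%3Cscript%3E HTTP/1.1" 200 300',
]
```

Running `scan(SAMPLE_LOG)` flags only the two requests against watched scripts; the benign startRow=1 request and the hit on an unrelated script are left alone.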
- management console directory traversal vulnerability that could potentially lead to information disclosure
- multiple management console cross-site scripting vulnerabilities that could potentially lead to code execution
These vulnerabilities are rated critical in severity, and all ColdFusion server administrators are advised to patch their systems.
References:
Exploit details posted to securityfocus.org by Digital Security Research
Adobe Hotfix for these new vulnerabilities (APSB09-12)
Cross site scripting (XSS) explained
Comments
san miguel de allende wrote on 11/12/09 5:27 PM
Nice post, I already digged this
rapid4me wrote on 11/19/09 1:52 AM
I didn't quite get the main idea, could you please explain it all in more detail?
buy essay wrote on 02/02/10 11:59 PM
Thank you for the information, these patches are really critical in severity!
air jordan shoes wrote on 03/10/10 7:18 PM
thank you for your sharing...