Denial of Service Vulnerability in Adobe JRun 4.0 and ColdFusion with Microsoft IIS 6
CVE-2007-1278

Currently unrated

Key Information:

Vendor: Adobe
Status: Coldfusion; Jrun
Vendor: CVE Published:; 16 March 2007

Summary

A significant vulnerability exists in the IIS connector for Adobe JRun 4.0 Updater 6 and ColdFusion MX 6.1 and 7.0 Enterprise when integrated with Microsoft IIS 6. This vulnerability could allow remote attackers to exploit unspecified vectors, leading to a denial of service. Potential impacts include the ability to invoke requests that cause the application to become unresponsive, thereby disrupting services for legitimate users. It is crucial for organizations utilizing these products to assess their exposure and apply the necessary patches.

References

http://www.securitytracker.com/id?1017752

vdb-entryx_refsource_SECTRACK

http://osvdb.org/34039

vdb-entryx_refsource_OSVDB

http://www.adobe.com/support/security/bulletins/apsb07-07...

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 16, 2007
Vulnerability Reserved
Mar 5, 2007