CVE-2016-1114

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 11/05/16 - Updated on 28/11/16

Description

Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2016-1114
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2016-AVI-160

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
adobecoldfusion

Share this vulnerability with:

Twitter Facebook LinkedIn Mail