Adobe Macromedia ColdFusion MX 6.1 Access Control Flaw Sandbox Security bypass
| coldfusion-mx-sandbox-bypass (14984) |  Medium Risk |
Description:
Macromedia ColdFusion MX Enterprise and J2EE could allow a remote authenticated attacker to bypass Sandbox security restrictions and obtain sensitive information. A Sandbox is created when a directory or directories are given a set of rules. Even if the CreateObject or <cfobject> features are disabled, a remote attacker could escape sandbox restrictions by creating Java objects without using CreateObject or <cfobject> to access restricted files on the system.
Platforms Affected:
- Macromedia, ColdFusion 6.1
Remedy:
Apply the Sandbox Security patch, as listed in Macromedia Security Bulletin MPSB04-01. See References.
Consequences:
Bypass Security
References:
- Macromedia Security Bulletin MPSB04-01, Security Patch available for ColdFusion MX sandbox security at http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html.
- BID-9521: Macromedia ColdFusion MX Security Sandbox Circumvention Vulnerability
- CVE-2004-2331: ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.
- SA10743: Cold Fusion MX Form Denial of Service and Sandbox Bypass
Reported:
Jan 28, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net