Adobe ColdFusion Verity library privilege escalation
| coldfusion-library-privilege-escalation (29475) |  High Risk |
Description:
Adobe ColdFusion could allow local attackers to gain elevated privileges, caused by improper validation in a Verity third party library installed with ColdFusion. A local attacker could send specially-crafted commands to the library from within the client which could be executed with SYSTEM level privileges.
*CVSS:
| Base Score: | 7 |
| Access Vector: | Local |
| Access Complexity: | Low |
| Authentication: | Not Required |
| Confidentiality Impact: | Complete |
| Integrity Impact: | Complete |
| Availability Impact: | Complete |
| Temporal Score: | 5.2 |
| Exploitability: | Unproven |
| Remediation Level: | Official-Fix |
| Report Confidence: | Confirmed |
Consequences:
Gain Privileges
Remedy:
Refer to APSB06-14 for upgrade information. See References.
References:
- Adobe Macromedia Products Web site: ColdFusion MX 7.
- APSB06-17: Patch available for ColdFusion MX 7 local privilege escalation.
- BID-20431: Adobe ColdFusion MX Verity Library Local Privilege Escalation Vulnerability
- CVE-2006-3978: Unspecified vulnerability in a Verity third party library, as used on Adobe ColdFusion MX 7 through MX 7.0.2 and possibly other products, allows local users to execute arbitrary code via unknown attack vectors.
- SA22312: Adobe ColdFusion Verity Library Privilege Escalation Vulnerability
- SECTRACK ID: 1017040: Macromedia ColdFusion 3rd Party Bug Lets Local Users Gain Local System Privileges
- VUPEN/ADV-2006-4003: Adobe Macromedia ColdFusion Verity Library Privilege Escalation Vulnerabilities
Platforms Affected:
- Apple Mac OS X 10.3.9
- Apple Mac OS X 10.4.2
- Apple Mac OS X 10.4.3
- IBM AIX 5.1
- IBM AIX 5.3
- IBM AIX 5L
- Macromedia ColdFusion 7.0
- Macromedia ColdFusion 7.0.1
- Macromedia ColdFusion 7.02
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2003 Server Standard
- Microsoft Windows 2003 Server Enterprise
- Microsoft Windows 2003 Server Web
- Sun Solaris 10
- Sun Solaris 8
- Sun Solaris 9
Reported:
Oct 10, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.