CVE-2011-0581Improper Input Validation in Adobe Coldfusion

CWE-20Improper Input Validation3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
2.4%
top 14.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Coldfusion
Timeline
PublishedFeb 10
Latest updateMay 17

Description

Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified tags.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDadobe/coldfusion4 versions+3

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-m7cc-4256-rx42: Multiple CRLF injection vulnerabilities in Adobe ColdFusion 82022-05-17
CVEList
CVE-2011-0581: Multiple CRLF injection vulnerabilities in Adobe ColdFusion 82011-02-10
CVE-2011-0581 — Improper Input Validation in Adobe | cvebase