CVE-1999-0455

HIGH

Description

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.

References

http://www.securityfocus.com/bid/115

Details

Source: MITRE

Published: 1999-12-25

Updated: 2008-09-09

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH