CVE-2007-1278

high

Description

Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32994

http://www.vupen.com/english/advisories/2007/0932

http://www.securitytracker.com/id?1017752

http://www.securityfocus.com/bid/22958

http://www.adobe.com/support/security/bulletins/apsb07-07.html

http://secunia.com/advisories/24488

http://osvdb.org/34039

Details

Source: Mitre, NVD

Published: 2007-03-16

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.25617