Adobe ColdFusion Multiple Vulnerabilities (APSB16-16) (credentialed check)

Critical Nessus Plugin ID 91102


A web-based application running on the remote Windows host is affected by multiple vulnerabilities.


The version of Adobe ColdFusion running on the remote Windows host is missing a security hotfix. It is, therefore, affected by multiple vulnerabilities:

- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. An attacker can exploit this to execute arbitrary script code in a user's browser session. (CVE-2016-1113)

- A remote code execution vulnerability exists in the bundled Apache Commons Collections (ACC) library that is triggered during the deserialization of untrusted Java objects. An unauthenticated, remote attacker can exploit this to execute arbitrary code on the target host. (CVE-2016-1114)

- A flaw exists in certificate validation when handling wildcard certificates: the server hostname is not verified to match a domain name in the certificate Subject's Common Name (CN) or SubjectAltName field. A man-in-the-middle attacker can exploit this by spoofing the TLS/SSL server with a certificate that appears valid, resulting in the disclosure or manipulation of transmitted data. (CVE-2016-1115)
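The hostname check that CVE-2016-1115 describes as missing, shown as an added example (not code from ColdFusion or from this plugin): a matcher that applies the RFC 6125 rules for wildcard identifiers beside a switch that models the flawed behaviour, where a chain-valid certificate is accepted for any server name. The certificate dictionaries are constructed samples in the shape returned by Python's ssl.SSLSocket.getpeercert(); the names example.com and attacker.test are placeholders.

```python
"""Hostname verification against a certificate's CN / SAN entries, including
wildcard handling. Added illustration of the CVE-2016-1115 class of flaw;
example code, not taken from Adobe ColdFusion or the Nessus plugin."""


def match_identifier(pattern: str, hostname: str) -> bool:
    """Match one presented DNS identifier (CN or DNS SAN) against a hostname.

    Rules applied (RFC 6125 style):
    - comparison is case-insensitive and ignores a trailing dot
    - a wildcard is honoured only as the complete leftmost label ("*.example.com");
      partial ("f*.example.com") or non-leftmost wildcards are rejected
    - the wildcard matches exactly one label, so "*.example.com" matches neither
      "example.com" nor "a.b.example.com"
    - a wildcard needs at least two further labels, so "*.com" never matches
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if not pattern or not hostname:
        return False
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if "*" not in pattern:
        return p_labels == h_labels
    if p_labels[0] != "*" or any("*" in label for label in p_labels[1:]):
        return False  # partial or non-leftmost wildcard
    if len(p_labels) < 3:
        return False  # too broad ("*.com", "*")
    if len(h_labels) != len(p_labels):
        return False  # the wildcard covers exactly one label
    return h_labels[0] != "" and p_labels[1:] == h_labels[1:]


def hostname_matches_cert(hostname: str, cert: dict, verify_hostname: bool = True) -> bool:
    """Decide whether `hostname` is a valid identity for `cert`.

    `cert` uses the getpeercert() layout:
      {'subject': ((('commonName', 'x'),),), 'subjectAltName': (('DNS', 'x'),)}

    With verify_hostname=False the function models the flaw in the advisory:
    chain validity is taken as sufficient, the name is never compared, and a
    valid wildcard certificate for an unrelated domain is accepted for any server.
    """
    if not verify_hostname:
        return True
    san_dns = [value for (kind, value) in cert.get("subjectAltName", ()) if kind == "DNS"]
    if san_dns:
        # When DNS SANs are present the CN is not consulted (RFC 6125 section 6.4.4).
        return any(match_identifier(p, hostname) for p in san_dns)
    cns = [value for rdn in cert.get("subject", ()) for (key, value) in rdn if key == "commonName"]
    return any(match_identifier(p, hostname) for p in cns)


# Constructed sample certificates (placeholders, not real certificates).
WILDCARD_CERT = {
    "subject": ((("commonName", "*.example.com"),),),
    "subjectAltName": (("DNS", "*.example.com"), ("DNS", "example.com")),
}
OTHER_WILDCARD_CERT = {
    "subject": ((("commonName", "*.attacker.test"),),),
    "subjectAltName": (("DNS", "*.attacker.test"),),
}

if __name__ == "__main__":
    # The legitimate certificate is accepted for its own names only.
    print(hostname_matches_cert("www.example.com", WILDCARD_CERT))          # True
    print(hostname_matches_cert("a.b.example.com", WILDCARD_CERT))          # False
    # A chain-valid certificate for another domain is rejected by a correct
    # verifier but accepted when the hostname check is skipped.
    print(hostname_matches_cert("www.example.com", OTHER_WILDCARD_CERT))    # False
    print(hostname_matches_cert("www.example.com", OTHER_WILDCARD_CERT, verify_hostname=False))  # True
```

The last call is the advisory's scenario: the attacker presents a certificate that a CA actually issued, so chain validation passes, and only the name comparison would reveal the substitution.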


Apply the relevant hotfix as referenced in Adobe Security Bulletin APSB16-16.


Plugin Details

Severity: Critical

ID: 91102

File Name: coldfusion_win_apsb16-16.nasl

Version: $Revision: 1.5 $

Type: local

Agent: windows

Family: Windows

Published: 2016/05/12

Modified: 2016/07/11

Dependencies: 55514

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:adobe:coldfusion

Required KB Items: SMB/coldfusion/instance

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/05/10

Vulnerability Publication Date: 2015/01/28

Reference Information

CVE: CVE-2016-1113, CVE-2016-1114, CVE-2016-1115

BID: 90506, 90507, 90514

OSVDB: 129952, 130424, 138222, 138223, 138224

CERT: 576313