Adobe ColdFusion User_Agent Error Page Cross-Site Scripting Vulnerability

Bugtraq ID:	22401
Class:	Input Validation Error
CVE:	CVE-2007-0817
Remote:	Yes
Local:	No
Published:	Feb 05 2007 12:00AM
Updated:	Feb 13 2007 10:27PM
Credit:	digi7al64 is credited with the discovery of this vulnerability.
Vulnerable:	Adobe ColdFusion MX 7.02 Adobe ColdFusion MX 7.01 Adobe ColdFusion MX 7.00 Adobe ColdFusion MX 6.1
Not Vulnerable:

Adobe ColdFusion User_Agent Error Page Cross-Site Scripting Vulnerability

Adobe ColdFusion is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker could exploit this vulnerability to execute arbitrary script code in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Adobe ColdFusion User_Agent Error Page Cross-Site Scripting Vulnerability

To exploit this issue, an attacker must entice a victim into following a malicious URI.

The following proof-of-concept URI is available:

• /data/vulnerabilities/exploits/22401.html

Adobe ColdFusion User_Agent Error Page Cross-Site Scripting Vulnerability

Solution:
The vendor has released advisory APSB07-04 to address this issue. Please see the referenced advisory for details on obtianing and applying the appropriate updates.


Adobe ColdFusion MX 6.1

• Adobe ColdFusion MX 6.1 patch file
  http://download.macromedia.com/pub/security/bulletins/apsb07-04/CFMX6_ APSB07-04.zip

Adobe ColdFusion MX 7.02

• Adobe ColdFusion MX 7 patch file
  http://download.macromedia.com/pub/security/bulletins/apsb07-04/CFMX7_ APSB07-04.zip

Adobe ColdFusion User_Agent Error Page Cross-Site Scripting Vulnerability

References:

• Adobe ColdFusion Homepage (Adobe)
  
• Cold Fusion Web Server XSS 0 day (digi7al64)
  
• APSB07-04 - Patch available for ColdFusion MX cross-site scripting issue (Adobe)