GCVE - cpe:2.3:a:allaire:coldfusion_server:4.0.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:allaire:coldfusion_server:4.0.1:*:*:*:*:*:*:*

part: a version: 4.0.1 update: *

Vendor	Allaire (`a0b1f4af-8c85-5fcf-a11d-6d758962e057`)
Product	Coldfusion Server (`83a4c3b5-e0b2-574f-8df6-95ba3accbac3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2001-1120`	vulnerable	2026-06-08 04:45:21.483204	Details available Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. Published: 2002-03-15T05:00:00.000Z Updated: 2024-08-08T04:44:07.482Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/3018 https://exchange.xforce.ibmcloud.com/vulnerabilities/6839 http://www.securityfocus.com/archive/1/196452 http://www.allaire.com/handlers/index.cfm?id=21566 http://www.kb.cert.org/vuls/id/135531	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0538`	vulnerable	2026-06-08 04:45:18.281901	Details available ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:21:31.209Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=96045469627806&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/4611 http://www.osvdb.org/3399 http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full http://www.securityfocus.com/bid/1314	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0189`	vulnerable	2026-06-08 04:44:58.415006	Details available ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. Published: 2000-04-10T04:00:00.000Z Updated: 2024-08-08T05:05:54.106Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/1021	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0057`	vulnerable	2026-06-08 04:44:58.377425	Details available Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. Published: 2000-04-18T04:00:00.000Z Updated: 2024-08-08T05:05:53.927Z Open on db.gcve.eu Reference links http://www.allaire.com/handlers/index.cfm?ID=13978&Method=Full http://www.securityfocus.com/bid/917	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0760`	vulnerable	2026-06-08 04:44:58.109442	Details available Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. Published: 2001-05-07T04:00:00.000Z Updated: 2024-08-01T16:48:38.080Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/550 http://www.allaire.com/handlers/index.cfm?ID=11714&Method=Full https://exchange.xforce.ibmcloud.com/vulnerabilities/3288	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0756`	vulnerable	2026-06-08 04:44:58.108416	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.