Signature Detail

Short Name	HTTP:COLDFUSION:ENV-VAR-OW
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Adobe ColdFusion Environment Variable Overwrite HTTP_HOST
Release Date	2011/03/11
Update Number	1881
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Adobe ColdFusion Environment Variable Overwrite Attempt

This signature detects attempts to exploit a known flaw in Adobe ColdFusion. An attacker can send a crafted request which can overwrite ColdFusion environment variables, leading to Cross-Site Scripting (XSS), Data Injection, and other attacks. This signature should only be used to examine traffic going to ColdFusion HTTP servers.

References

URL: http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461172e0811cbec22c24-7785.html
URL: http://www.owasp.org/images/0/0a/OWASP_AppSec_DC_2010_-_Deconstructing_ColdFusion.pdf

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Adobe ColdFusion Environment Variable Overwrite Attempt

References