![adobe coldfusion 11 adobe coldfusion 11](https://www.design903.com/wp-content/uploads/2018/01/cold-fusion.jpg)
Exploitation of this issue requires user interaction in that a victim must open a malicious file.Īdobe ColdFusion Deserialization of Untrusted Data vulnerabilityĪdobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability.
![adobe coldfusion 11 adobe coldfusion 11](https://www.samuraiz.co.jp/event/img/ttl_cf_2020_12.png)
An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Īdobe Acrobat and Reader Use-After-Free VulnerabilityĪcrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability.
![adobe coldfusion 11 adobe coldfusion 11](https://anfu.scanv.com/1542040977932_image.png)
Accellion FTA OS Command Injection VulnerabilityĪccellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints.Īccellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call.Īccellion FTA SQL Injection VulnerabilityĪccellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html.Īccellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html.Īdobe Acrobat and Reader Heap-based Buffer Overflow VulnerabilityĪcrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability.