IT Pro Today is part of the Informa TechTarget Division of Informa PLC

INFORMA PLC|ABOUT US|INVESTOR RELATIONS|TALENT

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Documents Online Events Advertise About

Newsletter Sign-Up

Cloud

Recent in Cloud

SEE ALL Cloud

AWS CTO Werner Vogels delivering an AWS re:Invent 2024 keynote

Amazon Web Services

AWS Looks to Conquer Cloud Complexity with 'Simplexity'AWS Looks to Conquer Cloud Complexity with 'Simplexity'

bySean Michael Kerner

Dec 6, 2024

5 Min Read

person riding an cloud shaped like an upward arrow

Cloud Computing

Harness the Cloud: Critical Benefits of Cloud Computing Harness the Cloud: Critical Benefits of Cloud Computing

byChristopher Tozzi

Dec 5, 2024

10 Min Read

Recent in OS

See All OS

a blueprint graphic that contains sketches of the word PowerShell, a folder tree, a pie chart, a script snippet, and a few machine cog

PowerShell

Tracking Down Lost Disk Space: A PowerShell Solution Tracking Down Lost Disk Space: A PowerShell Solution

byBrien Posey

Dec 10, 2024

5 Min Read

empty cockpit of autonomous car

Operating Systems

What Is a Real-Time Operating System, and Who Needs One?What Is a Real-Time Operating System, and Who Needs One?

byChristopher Tozzi

Mar 5, 2024

6 Min Read

IT Mgmt

Recent in IT Mgmt

See All IT Mgmt

Skills gap written on green paper

Career Management

Bridging the AI Skills Gap: Top Strategies for IT Teams in 2025 Bridging the AI Skills Gap: Top Strategies for IT Teams in 2025

byNathan Eddy

Dec 11, 2024

5 Min Read

person looking into a crystal ball

AI & Machine Learning

Anti-Predictions 2025: What Won't Happen in the Year Ahead Anti-Predictions 2025: What Won't Happen in the Year Ahead

byForrester Blog Network

Dec 10, 2024

4 Min Read

Career

Recent in Career

See All Career Mgmt

Skills gap written on green paper

Career Management

Bridging the AI Skills Gap: Top Strategies for IT Teams in 2025 Bridging the AI Skills Gap: Top Strategies for IT Teams in 2025

byNathan Eddy

Dec 11, 2024

5 Min Read

bored employee at his desk

IT Management

How to Keep IT Team Boredom From Killing Productivity How to Keep IT Team Boredom From Killing Productivity

byJohn Edwards, InformationWeek

Dec 9, 2024

1 Min Read

Storage

Recent in Storage

See All Data Storage

a blueprint graphic that contains sketches of the word PowerShell, a folder tree, a pie chart, a script snippet, and a few machine cog

PowerShell

Tracking Down Lost Disk Space: A PowerShell Solution Tracking Down Lost Disk Space: A PowerShell Solution

byBrien Posey

Dec 10, 2024

5 Min Read

a person works at their office computer trying to troubleshoot a lost storage space issue

Storage

Where Did My Windows Server's Disk Space Disappear To?Where Did My Windows Server's Disk Space Disappear To?

byBrien Posey

Dec 6, 2024

3 Min Read

Security

Recent in Security

See All IT Security

team collaborating around a table

IT Infrastructure

How to Conduct an Infrastructure Assessment How to Conduct an Infrastructure Assessment

byIndustry Perspectives

Dec 10, 2024

4 Min Read

cybersecurity expert typing on a laptop with a lock on the screen

Career Management

What Talent Gap? Hiring Practices Are the Real Problem What Talent Gap? Hiring Practices Are the Real Problem

byDark Reading

Dec 2, 2024

1 Min Read

Dev

Recent in Dev

See All Software Dev

DevOps logo

DevOps

2025 DevOps Trends: What Will Change and What Won't 2025 DevOps Trends: What Will Change and What Won't

byIndustry Perspectives

Dec 9, 2024

5 Min Read

software developer writing code

Software Development

7 Trends That Helped Shape Software Development in 2024 7 Trends That Helped Shape Software Development in 2024

byChristopher Tozzi

Dec 9, 2024

4 Min Read

Recent in DX

See All Digital Transformation

person looking into a crystal ball

AI & Machine Learning

Anti-Predictions 2025: What Won't Happen in the Year Ahead Anti-Predictions 2025: What Won't Happen in the Year Ahead

byForrester Blog Network

Dec 10, 2024

4 Min Read

Words "accelerating growth" appear in white text on blue background of wave-like designs, accompanied by an Informa TechTarget logo and company name

Digital Transformation

A Note From the Editor-in-Chief A Note From the Editor-in-Chief

byWendy Schuchart

Dec 3, 2024

1 Min Read

Infrastructure

Recent in Infrastructure

See All Infrastructure

team collaborating around a table

IT Infrastructure

How to Conduct an Infrastructure Assessment How to Conduct an Infrastructure Assessment

byIndustry Perspectives

Dec 10, 2024

4 Min Read

photo of Intel Corp. Chief Executive Officer Pat Gelsinger

High Performance Computing

Intel CEO Forced Out by Board Frustrated With Slow Progress Intel CEO Forced Out by Board Frustrated With Slow Progress

byBloomberg News

Dec 3, 2024

7 Min Read

Newsletters
How To…?
Industry Perspectives
Business Resources
Reports/Research
Online Events

Live Events
Videos
White Papers
Advertise With Us
About Us

Resource Library

Vulnerabilities & Threats
IT Security

Path Disclosure Vulnerability in Macromedia ColdFusion MX Server

A vulnerability in Macromedia Coldfusion MX Server’s default installation can result in the inadvertent disclosure of the physical path of the server installation.

Ken Pfeil

April 29, 2003

1 Min Read

Reported April 26, 2003, by Network Intelligence India Pvt. Ltd.

VERSIONS AFFECTED

Macromedia’s ColdFusion MX Server

DESCRIPTION

A vulnerability in Macromedia Coldfusion MX Server’s default installation can result in the inadvertent disclosure of the physical path of the server installation. A malicious user can connect to the vulnerable host on port 8500 (e.g.,http://localhost:8500/CFIDE/probe.cfm) and issue an invalid request. The software returns an error message that displays the physical path:

Error occurred in:

C:CFusionMXwwwrootCFIDEprobe.cfm:line56

VENDOR RESPONSE

In a default installation, the Enable Robust Exception Information setting is enabled under Debugging Settings. According to Macromedia, this setting should be cleared on production systems.

CREDIT

Discovered byNetwork Intelligence India Pvt. Ltd.

About the Author

Ken Pfeil

See more from Ken Pfeil

Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

Newsletter Sign-Up

Editor's Choice

jobs key on keyboard

Career Management

IT Jobs Outlook 2025: Evolving Skills, AI, Workplace Flexibility Will Shape IT Workforce

Nov 20, 2024

an it pro is disappointed as a poster for sustainability is switched with one for financial results and garbage piles up next to a recycling bin

Green IT

How Do I Advocate for Green IT Without Being Dismissed as a Lorax?

Nov 27, 2024

person using a laptop with the Ubuntu logo on its scree

IT Operations

3 Simple Ways to Install and Run a Virtual Machine on Ubuntu

Nov 22, 2024

Exclusive ITPro Resources

BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster Recovery
Oct 10, 2024
|
1 Min Read
ITPro Today’s 2024 IT Priorities Report
Sep 25, 2024
|
1 Min Read
Tech Careers: Quick Reference Guide to IT Job Titles
Sep 13, 2024
|
1 Min Read
Migrating From VMware: Guide to a Successful Transition
Sep 3, 2024
|
1 Min Read

See all ITPro Resources

Featured Technical Explainers

AI chip

Cloud Computing

Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads

SaaS concept on a tablet

Cloud Computing

Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees

DevOps logo on top of code

DevOps

DevOps: Key to Faster, More Efficient Government Software Development

Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

Newsletter Sign-Up

Copyright © 2024. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466.

Home|CCPA: Do not sell my personal info|Cookies|Privacy|Terms

Related Topics

Recent in Cloud

Related Topics

Recent in OS

Related Topics

Recent in IT Mgmt

Related Topics

Recent in Career

Related Topics

Recent in Storage

Related Topics

Recent in Security

Related Topics

Recent in Dev

Related Topics

Recent in DX

Related Topics

Recent in Infrastructure

Related Topics

Path Disclosure Vulnerability in Macromedia ColdFusion MX Server

About the Author

Editor's Choice

Featured Technical Explainers

Recent What Is

Related Topics

Recent in Cloud

Related Topics

Recent in OS

Related Topics

Recent in IT Mgmt

Related Topics

Recent in Career

Related Topics

Recent in Storage

Related Topics

Recent in Security

Related Topics

Recent in Dev

Related Topics

Recent in DX

Related Topics

Recent in Infrastructure

Related Topics

<span class="ArticleBase-LargeTitle">Path Disclosure Vulnerability in Macromedia ColdFusion MX Server</span>Path Disclosure Vulnerability in Macromedia ColdFusion MX Server

About the Author

Editor's Choice

Featured Technical Explainers

Recent What Is

Path Disclosure Vulnerability in Macromedia ColdFusion MX Server