CVE-2003-1469

Name of the Vulnerable Software and Affected Versions ColdFusion MX (affected versions not specified)

Description The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected. This setting allows remote attackers to obtain the full path of the web server via a direct request to "CFIDE/probe.cfm". The error message returned by this request leaks the path.

Recommendations For ColdFusion MX, consider disabling the "Enable Robust Exception Information" option to prevent the leakage of the web server's full path. As a temporary workaround, restrict access to "CFIDE/probe.cfm" to minimize the risk of exploitation.