CVE-2006-4725

Name of the Vulnerable Software and Affected Versions Adobe ColdFusion MX versions 7 and 7.01

Description The issue allows local users to bypass security restrictions. It enables them to call components (CFC) within a sandbox from CFML templates that are located outside of the sandbox.

Recommendations For Adobe ColdFusion MX versions 7 and 7.01, consider restricting access to CFML templates located outside of the sandbox to prevent bypassing of security restrictions. As a temporary workaround, limit the ability to call components within a sandbox from external CFML templates until a more permanent solution is available.