Vulnerability Details : CVE-2013-3349
Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when the JRun application server is used, allows remote attackers to cause a denial of service via unknown vectors.
Vulnerability category: Denial of service
Products affected by CVE-2013-3349
- cpe:2.3:a:adobe:coldfusion:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:coldfusion:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:coldfusion:9.0.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-3349
0.26%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 63 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-3349
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2013-3349
-
http://www.securitytracker.com/id/1028757
Adobe ColdFusion Bugs Let Remote Users Invoke Non-Remote Methods and Deny Service - SecurityTracker
-
http://www.adobe.com/support/security/bulletins/apsb13-19.html
Adobe - Security Bulletins: APSB13-19 - Security update: Hotfixes available for ColdFusionVendor Advisory
Jump to