What is the severity of CVE-2014-0571?

CVE-2014-0571 is considered a critical vulnerability due to its potential to allow remote attackers to execute arbitrary web scripts or HTML.

How do I fix CVE-2014-0571?

To fix CVE-2014-0571, you should update Adobe ColdFusion to the latest versions or specific updates as recommended by Adobe.

Which Adobe ColdFusion versions are affected by CVE-2014-0571?

CVE-2014-0571 affects Adobe ColdFusion versions 9.0, 9.0.1, 9.0.2, 10.0, and 11.0 prior to their respective updates.

What type of vulnerability is CVE-2014-0571?

CVE-2014-0571 is a cross-site scripting (XSS) vulnerability that can be exploited to inject malicious scripts into web pages.

Can CVE-2014-0571 be exploited remotely?

Yes, CVE-2014-0571 can be exploited by remote attackers who can target a vulnerable instance of Adobe ColdFusion.

Vulnerability/
CVE-2014-0571

medium

4.3

CWE

15/10/2014

6/8/2024

CVE-2014-0571: XSS

First published: Wed Oct 15 2014(Updated: )

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe ColdFusion	=9.0
Adobe ColdFusion	=9.0-update_10
Adobe ColdFusion	=9.0-update_12
Adobe ColdFusion	=9.0.1
Adobe ColdFusion	=9.0.1-update_11
Adobe ColdFusion	=9.0.1-update_9
Adobe ColdFusion	=9.0.2
Adobe ColdFusion	=9.0.2-update_4
Adobe ColdFusion	=9.0.2-update_6
Adobe ColdFusion	=10.0
Adobe ColdFusion	=10.0-update1
Adobe ColdFusion	=10.0-update11
Adobe ColdFusion	=10.0-update12
Adobe ColdFusion	=10.0-update2
Adobe ColdFusion	=10.0-update3
Adobe ColdFusion	=10.0-update4
Adobe ColdFusion	=10.0-update8
Adobe ColdFusion	=11.0

Remedy

http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0571?
CVE-2014-0571 is considered a critical vulnerability due to its potential to allow remote attackers to execute arbitrary web scripts or HTML.
How do I fix CVE-2014-0571?
To fix CVE-2014-0571, you should update Adobe ColdFusion to the latest versions or specific updates as recommended by Adobe.
Which Adobe ColdFusion versions are affected by CVE-2014-0571?
CVE-2014-0571 affects Adobe ColdFusion versions 9.0, 9.0.1, 9.0.2, 10.0, and 11.0 prior to their respective updates.
What type of vulnerability is CVE-2014-0571?
CVE-2014-0571 is a cross-site scripting (XSS) vulnerability that can be exploited to inject malicious scripts into web pages.
Can CVE-2014-0571 be exploited remotely?
Yes, CVE-2014-0571 can be exploited by remote attackers who can target a vulnerable instance of Adobe ColdFusion.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/remedy
agent/weakness
agent/author
agent/tags
agent/description
agent/event
agent/first-publish-date
agent/source
vendor/adobe
canonical/adobe coldfusion
version/adobe coldfusion/9.0
version/adobe coldfusion/9.0-update_10
version/adobe coldfusion/9.0-update_12
version/adobe coldfusion/9.0.1
version/adobe coldfusion/9.0.1-update_11
version/adobe coldfusion/9.0.1-update_9
version/adobe coldfusion/9.0.2
version/adobe coldfusion/9.0.2-update_4
version/adobe coldfusion/9.0.2-update_6
version/adobe coldfusion/10.0
version/adobe coldfusion/10.0-update1
version/adobe coldfusion/10.0-update11
version/adobe coldfusion/10.0-update12
version/adobe coldfusion/10.0-update2
version/adobe coldfusion/10.0-update3
version/adobe coldfusion/10.0-update4
version/adobe coldfusion/10.0-update8
version/adobe coldfusion/11.0

Frequently Asked Questions

What is the severity of CVE-2014-0571?
CVE-2014-0571 is considered a critical vulnerability due to its potential to allow remote attackers to execute arbitrary web scripts or HTML.
How do I fix CVE-2014-0571?
To fix CVE-2014-0571, you should update Adobe ColdFusion to the latest versions or specific updates as recommended by Adobe.
Which Adobe ColdFusion versions are affected by CVE-2014-0571?
CVE-2014-0571 affects Adobe ColdFusion versions 9.0, 9.0.1, 9.0.2, 10.0, and 11.0 prior to their respective updates.
What type of vulnerability is CVE-2014-0571?
CVE-2014-0571 is a cross-site scripting (XSS) vulnerability that can be exploited to inject malicious scripts into web pages.
Can CVE-2014-0571 be exploited remotely?
Yes, CVE-2014-0571 can be exploited by remote attackers who can target a vulnerable instance of Adobe ColdFusion.

CVE-2014-0571: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0571?

How do I fix CVE-2014-0571?

Which Adobe ColdFusion versions are affected by CVE-2014-0571?

What type of vulnerability is CVE-2014-0571?

Can CVE-2014-0571 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-0571?

How do I fix CVE-2014-0571?

Which Adobe ColdFusion versions are affected by CVE-2014-0571?

What type of vulnerability is CVE-2014-0571?

Can CVE-2014-0571 be exploited remotely?