CVE-2003-1469

CVE Database · CVE-2003-1469

CVE-2003-1469

· N/AModified

CVSS v3.1

N/A

EPSS

6.19%

Published

Dec 31, 2003

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBMacromedia ColdFusion MX 6.0 - Error Message Full Path Disclosure

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.

Weaknesses (CWE)

CWE-200

Affected Products (7)

microsoft · windows_2000

microsoft · windows_nt

microsoft · windows_xp

macromedia · coldfusionvulnerable

macromedia · coldfusion_professionalvulnerable

References (10)

http://securityreason.com/securityalert/3307

http://www.nii.co.in/vuln/pdmac.html

http://www.securityfocus.com/archive/1/319867