Information Security Researchers Parveen Yadav and Mayank Bhatodra have identified a critical security flaw in Adobe website that exposes the sensitive internal data of Adobe Systems Inc.
Adobe uses an application called P4web which provides convenient access to versioned files through popular web browsers. Files can be viewed as icons or thumbnails and all standard operations can be performed in the browser.
Unfortunately, the Adobe fails to restrict the Perforce P4web web client being accessed by users , it results in exposing the internal data.
For a security reasons, we are not providing the vulnerable link here. The URL allows us to read the internal data including email IDs of Employees, Full Name. It also exposes the Internal system directory and computer names, Source codes.
"An application only protects sensitive functionality by preventing the display of links or URLs to unauthorized users. Attackers can use this weakness to access and perform unauthorized operations by accessing those URLs directly." Researcher said.
The researcher notified Adobe before few months but they failed to respond to them. We have also notified Adobe about the vulnerability but there is no response from their side.
A security Researcher from websecurit.com.au discovered Denial of Service(DOS),information leakage,Full path disclosure vulnerability in Adobe ColdFusion version 9 and earlier versions.
Vulnerability Details:
Information Leakage (WASC-13):
http://site/CFIDE/componentutils/packagelist.cfm
Leakage of the list of all components installed at the server and paths to
them.
DoS (WASC-10):
http://site/CFIDE/componentutils/packagelist.cfm?refreshCache=yes
At this request the update of components cache occurs, which leads to
overload of the server, if large amount of components is installed.
Full path disclosure (WASC-13):
http://site/CFIDE/adminapi/_datasource/formatjdbcurl.cfm
http://site/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm
http://site/CFIDE/adminapi/_datasource/geturldefaults.cfm
http://site/CFIDE/adminapi/_datasource/setdsn.cfm
http://site/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm
http://site/CFIDE/adminapi/_datasource/setsldatasource.cfm
http://site/CFIDE/adminapi/customtags/l10n.cfm
http://site/CFIDE/debug/cf_debugFr.cfm (in body of page with frames)
There are many other FPD in admin panel of ColdFusion.
Vulnerability Details:
Information Leakage (WASC-13):
http://site/CFIDE/componentutils/packagelist.cfm
Leakage of the list of all components installed at the server and paths to
them.
DoS (WASC-10):
http://site/CFIDE/componentutils/packagelist.cfm?refreshCache=yes
At this request the update of components cache occurs, which leads to
overload of the server, if large amount of components is installed.
Full path disclosure (WASC-13):
http://site/CFIDE/adminapi/_datasource/formatjdbcurl.cfm
http://site/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm
http://site/CFIDE/adminapi/_datasource/geturldefaults.cfm
http://site/CFIDE/adminapi/_datasource/setdsn.cfm
http://site/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm
http://site/CFIDE/adminapi/_datasource/setsldatasource.cfm
http://site/CFIDE/adminapi/customtags/l10n.cfm
http://site/CFIDE/debug/cf_debugFr.cfm (in body of page with frames)
There are many other FPD in admin panel of ColdFusion.
