Adobe ColdFusion l10n.cfm Remote Code Execution Exploit

The /CFIDE/adminapi/customtags/l10n.cfm page in Adobe ColdFusion does not properly validate its attributes.file parameter. This can be abused by a remote unauthenticated attacker to execute arbitrary code on vulnerable servers.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2013-3336
Product Version: 
2014_R1
Released Date: 
Tuesday, July 22, 2014 - 00:00