Adobe ColdFusion is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. Adobe ColdFusion 9.0.1 and prior are vulnerable.
Updates are available. Please see the references for more information.