GEN:SID 1:904
Message WEB-COLDFUSION exampleapp application.cfm
Summary This event is generated when an attempt is made to access an Example
application on a ColdFusion 4.x server.
Impact Serious. The vulnerability is not limited to files in the webspace, so
system files or additional unexecuted code files could be retrieved and
examined for vulnerabilities.
Detailed Information ColdFusion (Macromedia, formerly Allaire) web servers have several
default Example applications installed that have vulnerabilities.  The
email application can be exploited to allow remote viewing of arbitrary
files.
Affected Systems ColdFusion versions 4.0 through 4.5 (4.5.1 is not vulnerable), on all
supported platforms
Attack Scenarios The file at cfdocs/exampleapp/email/application.cfm includes a page,
cfdocs/exampleapp/email/getfile.cfm, that can accept URL-mangled
requests like:

http://www.server.com/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini

This allows trivial remote retrieval of any file on the server.
Ease of Attack Simple.
Corrective Action Delete all example code.  This is one of several significant
vulnerabilities that are exploitable if the example code is left on a
production server.
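
An added example, not part of the original rule documentation and not the Snort rule itself: a web access-log check for requests to the example-application paths named under Attack Scenarios, normalising case and percent-encoding before matching. The log lines, client addresses, function names and finding labels are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed Common Log Format lines; addresses are documentation ranges.
SAMPLE_LOG = r'''
192.0.2.10 - - [01/Jan/2001:10:00:00 +0000] "GET /index.cfm HTTP/1.0" 200 512
192.0.2.44 - - [01/Jan/2001:10:00:05 +0000] "GET /cfdocs/exampleapp/email/application.cfm HTTP/1.0" 200 2048
192.0.2.44 - - [01/Jan/2001:10:00:09 +0000] "GET /CFDOCS/ExampleApp/email/getfile.cfm?filename=c:\boot.ini HTTP/1.0" 200 310
192.0.2.44 - - [01/Jan/2001:10:00:12 +0000] "GET /cfdocs/%65xampleapp/email/getfile.cfm?filename=c%3A%5Cboot.ini HTTP/1.0" 404 0
'''

# client, method, request target, status
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
EXAMPLE_PREFIX = "/cfdocs/exampleapp/"


def classify(line):
    """Return a finding dict for a request into the example application, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, _method, target, status = m.groups()
    parts = urlsplit(target)
    # Normalise before matching: decode %xx, unify slashes, fold case.
    path = unquote(parts.path).replace("\\", "/").lower()
    if EXAMPLE_PREFIX not in path:
        return None
    finding = {"client": client, "status": int(status), "path": path,
               "kind": "example-app-access"}
    if path.endswith("/getfile.cfm"):
        # parse_qs percent-decodes values; keep the requested file for triage.
        query = {k.lower(): v for k, v in parse_qs(parts.query).items()}
        if "filename" in query:
            finding["kind"] = "getfile-file-read"
            finding["filename"] = query["filename"][0]
    return finding


def scan(log_text):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, log_text.strip().splitlines()) if f]


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        outcome = "served" if f["status"] == 200 else "not served"
        print(f["client"], f["kind"], f.get("filename", "-"), outcome)
```

A `getfile-file-read` finding with status 200 is the one to triage first, since the server answered the request.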
Additional References CAN-2001-0535

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0535
Rule References bugtraq: 1021
cve: 2000-0189