MediumCheck or Attack Name: ColdFusionFileRead
The ColdFusion sample program "sourcewindow.cfm" contains a vulnerability that could allow remote attackers to read any file on the system.
Upgrade to ColdFusion 4.0 once it becomes available. It is recommended users remove the "sourcewindow.cfm" program from all production servers.
Allaire Security Bulletin ASB99-02, ColdFusion 4.0 Example Applications and Sample Code Exposes Servers, http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full
