The ColdFusion vulnerability allows remote attackers to create executable files in arbitrary directories via directory traversal sequences in input to unspecified connector modules, leading to remote code execution, as exploited in the wild in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
