GCVE - cpe:2.3:a:macromedia:coldfusion:4.5:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:macromedia:coldfusion:4.5:*:*:*:*:*:*:*

part: a version: 4.5 update: *

Vendor	Macromedia (`f00ebe2b-9d72-52ca-9cf0-be998a2cdfa0`)
Product	Coldfusion (`26100411-1341-5719-a01b-6960c4e93ee8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2001-1514`	vulnerable	2026-06-03 14:26:12.834115	Details available ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE> and (2) child processes that call the CreateProcess function and are executed with <CFOBJECT> or end with the CFX extension, which allows attackers to execute programs with the permissions of the System account. Published: 2005-07-14T04:00:00.000Z Updated: 2024-09-16T22:51:24.124Z Open on db.gcve.eu Reference links http://www.macromedia.com/v1/Handlers/index.cfm?ID=22263	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-1427`	vulnerable	2026-06-03 14:26:12.497254	Details available Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors. Published: 2005-03-22T05:00:00.000Z Updated: 2024-08-08T04:58:09.619Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/6840 http://www.macromedia.com/devnet/security/security_zone/mpsb01-07.html http://www.securityfocus.com/bid/3023 http://www.kb.cert.org/vuls/id/321475	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.