cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:*

part: a version: 6.0 update: *

Vendor: Macromedia (f00ebe2b-9d72-52ca-9cf0-be998a2cdfa0)
Product: Coldfusion (26100411-1341-5719-a01b-6960c4e93ee8)
Edition: *
Language: *
Software edition: *
Target software: *
Target hardware: *
Other: *
Notes: Imported from NVD CPE 2.0 feed

PURL mappings

PURL | Source | Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale
CVE:CVE-2005-4343 vulnerable 2026-06-03 14:27:12.894807 Details available
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability".
Published: 2005-12-17T23:00:00.000Z
Updated: 2024-08-07T23:38:51.857Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-4342 vulnerable 2026-06-03 14:27:12.891632 Details available
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security controls," aka "JRun Clustered Sandbox Security Vulnerability."
Published: 2005-12-17T23:00:00.000Z
Updated: 2024-08-07T23:38:51.745Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-2505 vulnerable 2026-06-03 14:26:47.775089 Details available
Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
Published: 2005-10-25T04:00:00.000Z
Updated: 2024-08-08T01:29:13.617Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-2204 vulnerable 2026-06-03 14:26:46.691875 Details available
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
Published: 2005-07-10T04:00:00.000Z
Updated: 2024-08-08T01:22:12.407Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1816 not_vulnerable 2026-06-03 14:26:45.449330 Details available
Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
Published: 2005-05-10T04:00:00.000Z
Updated: 2024-08-08T01:07:48.289Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1815 vulnerable 2026-06-03 14:26:45.441969 Details available
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
Published: 2005-05-10T04:00:00.000Z
Updated: 2024-08-08T01:07:48.280Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1478 vulnerable 2026-06-03 14:26:39.815262 Details available
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session.
Published: 2005-02-13T05:00:00.000Z
Updated: 2024-08-08T00:53:23.998Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0928 vulnerable 2026-06-03 14:26:37.544896 Details available
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
Published: 2005-04-21T04:00:00.000Z
Updated: 2024-08-08T00:31:48.097Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0646 vulnerable 2026-06-03 14:26:36.309189 Details available
Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields.
Published: 2004-11-19T05:00:00.000Z
Updated: 2024-08-08T00:24:27.006Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-1469 vulnerable 2026-06-03 14:26:33.390356 Details available
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.
Published: 2007-10-24T23:00:00.000Z
Updated: 2024-08-08T02:28:03.563Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-1700 vulnerable 2026-06-03 14:26:21.913060 Details available
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
Published: 2005-06-21T04:00:00.000Z
Updated: 2024-08-08T03:34:56.012Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-1309 vulnerable 2026-06-03 14:26:16.313111 Details available
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary code via an HTTP GET request with a long .cfm file name.
Published: 2002-11-21T05:00:00.000Z
Updated: 2024-08-08T03:19:28.640Z
Imported from gcve-enriched-dumps CVE data
