CVE-2000-0538
published 2000-06-07CVE-2000-0538: ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password.
PriorityP424medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
8.43%
94.3th percentile
ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
| allaire | coldfusion_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution
exploitdb·2001-07-12
CVE-2001-0538 Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution
Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution
---
source: https://www.securityfocus.com/bid/3026/info
Microsoft Outlook introduces a vulnerability that may allow attackers to execute arbitrary commands on a target system.
The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is that this control is marked 'safe for scripting' when it should not be. It is therefore accessible by scripts.
Scripts can execute commands without user knowledge or consent.
This assumes you have at least one message in Outlook XP's Inbox
function f()
{
//alert(o2.object);
sel=o1.object.selection;
vv1=sel.Item(1);
alert("Subject="+vv1.Subject);
alert("Body="+vv1.Body+"["+vv1.HTMLBody+"]");
alert("May be deleted");
//vv1.Delete();
vv2=vv1.Session.App
Exploit-DB
Microsoft Outlook 98/2000/2002 - Unauthorized Email Access
exploitdb·2001-07-12
CVE-2001-0538 Microsoft Outlook 98/2000/2002 - Unauthorized Email Access
Microsoft Outlook 98/2000/2002 - Unauthorized Email Access
---
source: https://www.securityfocus.com/bid/3025/info
Microsoft Outlook introduces a vulnerability that may allow attackers to access and manipulate user email.
The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is that this control is marked 'safe for scripting' when it should not be. It is therefore accessible by scripts.
Scripts can access and perform operations on user email through this control without user knowledge or consent.
This assumes you have at least one message in Outlook XP's Inbox
function f()
{
//alert(o2.object);
sel=o1.object.selection;
vv1=sel.Item(1);
alert("Subject="+vv1.Subject);
alert("Body="+vv1.Body+"["+vv1.HTMLBody+"]");
alert("May be deleted");
Exploit-DB
ColdFusion Server 2.0/3.x/4.x - Administrator Login Password Denial of Service
exploitdb·2000-06-07
CVE-2000-0538 ColdFusion Server 2.0/3.x/4.x - Administrator Login Password Denial of Service
ColdFusion Server 2.0/3.x/4.x - Administrator Login Password Denial of Service
---
source: https://www.securityfocus.com/bid/1314/info
Due to a faulty mechanism in the password parsing implementation in authentication requests, it is possible to launch a denial of service attack against Allaire ColdFusion 4.5.1 or previous by inputting a string of over 40 000 characters to the password field in the Administrator login page. CPU utilization could reach up to 100%, bringing the program to halt. The default form for the login page would prevent such an attack. However, a malicious user could download the form locally to their hard drive, modify HTML tag fields, and be able to submit the 40 000 character string to the ColdFusion Server.
Restarting the application would be required in order
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=96045469627806&w=2http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Fullhttp://www.osvdb.org/3399http://www.securityfocus.com/bid/1314https://exchange.xforce.ibmcloud.com/vulnerabilities/4611http://marc.info/?l=bugtraq&m=96045469627806&w=2http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Fullhttp://www.osvdb.org/3399http://www.securityfocus.com/bid/1314https://exchange.xforce.ibmcloud.com/vulnerabilities/4611
2000-06-07
Published