CVE-2004-0407
4 documents4 sources
Severity
2.6LOW
EPSS
3.9%
top 11.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 1
Latest updateApr 29
Description
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish.
CVSS vector
AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9