CVE-2004-2204
published 2004-12-31CVE-2004-2204: Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct…
PriorityP417high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.35%
26.5th percentile
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| macromedia | coldfusion | — | — |
| macromedia | coldfusion | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/12693http://www.macromedia.com/devnet/security/security_zone/mpsb04-10.htmlhttp://www.osvdb.org/10718http://www.securityfocus.com/archive/1/377213http://www.securityfocus.com/bid/11364https://exchange.xforce.ibmcloud.com/vulnerabilities/17567http://secunia.com/advisories/12693http://www.macromedia.com/devnet/security/security_zone/mpsb04-10.htmlhttp://www.osvdb.org/10718http://www.securityfocus.com/archive/1/377213http://www.securityfocus.com/bid/11364https://exchange.xforce.ibmcloud.com/vulnerabilities/17567
2004-12-31
Published