CVE-2005-1022

4 documents4 sources
Severity
5.0MEDIUM
EPSS
0.2%
top 54.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Macromedia Coldfusion
Timeline
PublishedMay 2
Latest updateMay 1

Description

ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

Patches

Patch: www.macromedia.comPatch: www.macromedia.com

🔴Vulnerability Details

2
GHSA
GHSA-hch9-pmjh-rm4j: ColdFusion 62022-05-01
CVEList
CVE-2005-1022: ColdFusion 62005-04-09

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX - AppleFileServer Remote Denial of Service2005-02-08
CVE-2005-1022 (MEDIUM CVSS 5) | ColdFusion 6.1 Updater 1 places Jav | cvebase.io