CVE-2005-4344

3 documents3 sources
Severity
2.1LOW
EPSS
0.0%
top 93.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Macromedia Coldfusion
Timeline
PublishedDec 19
Latest updateMay 1

Description

Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

Patches

Patch: secunia.comPatch: securitytracker.comPatch: www.macromedia.com

🔴Vulnerability Details

2
GHSA
GHSA-4c78-fmvp-hwrw: Adobe (formerly Macromedia) ColdFusion MX 72022-05-01
CVEList
CVE-2005-4344: Adobe (formerly Macromedia) ColdFusion MX 72005-12-17
CVE-2005-4344 (LOW CVSS 2.1) | Adobe (formerly Macromedia) ColdFus | cvebase.io