Macromedia Coldfusion vulnerabilities
23 known vulnerabilities affecting macromedia/coldfusion.
Total CVEs
23
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH7MEDIUM11LOW3
Vulnerabilities
Page 2 of 2
CVE-2004-2331P4MEDIUMCVSS 5.5v6.12004-12-31
CVE-2004-2331 [MEDIUM] CWE-470 CVE-2004-2331: ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain
ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.
nvd
CVE-2005-2306P4LOWCVSS 3.7v6.1v7.02005-07-19
CVE-2005-2306 [LOW] CVE-2005-2306: Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun
Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users.
nvd
CVE-2005-4344P4LOWCVSS 2.1v7.02005-12-19
CVE-2005-4344 [LOW] CVE-2005-4344: Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) s
Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.
nvd
← Previous2 / 2