CVE Vulnerabilities

CVE-2004-2505

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.

Affected Software

Name Vendor Start Version End Version
Coldfusion Macromedia 5.0 (including) 5.0 (including)
Coldfusion Macromedia 6.0 (including) 6.0 (including)

References