Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Coldfusion | Macromedia | 5.0 (including) | 5.0 (including) |
Coldfusion | Macromedia | 6.0 (including) | 6.0 (including) |