CVE-2005-4342 | Vulnerability Database | Aqua Security

ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to bypass security controls, aka JRun Clustered Sandbox Security Vulnerability.

Affected Software

Name	Vendor	Start Version	End Version
Coldfusion	Macromedia	6.0 (including)	6.0 (including)
Coldfusion	Macromedia	6.1 (including)	6.1 (including)
Coldfusion	Macromedia	7.0 (including)	7.0 (including)

References

http://secunia.com/advisories/18078
http://securitytracker.com/id?1015369
http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.html
http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html
http://www.securityfocus.com/bid/15904
http://www.vupen.com/english/advisories/2005/2948
http://secunia.com/advisories/18078
http://securitytracker.com/id?1015369
http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.html
http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html
http://www.securityfocus.com/bid/15904
http://www.vupen.com/english/advisories/2005/2948

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4342
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html