Vulnerabilities > CVE-2004-2505 - Unspecified vulnerability in Macromedia Coldfusion 5.0/6.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN macromedia
exploit available
Summary
Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Macromedia ColdFusion MX 6.0 Oversized Error Message Denial Of Service Vulnerability. CVE-2004-2505. Dos exploits for multiple platform |
| id | EDB-ID:24013 |
| last seen | 2016-02-02 |
| modified | 2004-04-17 |
| published | 2004-04-17 |
| reporter | K. K. Mookhey |
| source | https://www.exploit-db.com/download/24013/ |
| title | Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service Vulnerability |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-04/0184.html
- http://archives.neohapsis.com/archives/bugtraq/2004-04/0184.html
- http://www.securityfocus.com/bid/10163
- http://www.securityfocus.com/bid/10163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15895