Vulnerabilities > CVE-2004-2505 - Denial Of Service vulnerability in Macromedia ColdFusion MX Oversized Error Message

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

macromedia

exploit available

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.

Vulnerable Configurations

Part	Description	Count
Application	Macromedia Macromedia Coldfusion 5.0 Macromedia Coldfusion 6.0	2

Exploit-Db

description	Macromedia ColdFusion MX 6.0 Oversized Error Message Denial Of Service Vulnerability. CVE-2004-2505. Dos exploits for multiple platform
id	EDB-ID:24013
last seen	2016-02-02
modified	2004-04-17
published	2004-04-17
reporter	K. K. Mookhey
source	https://www.exploit-db.com/download/24013/
title	Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References