Vulnerabilities > CVE-2005-4345 - Multiple vulnerability in Macromedia Coldfusion 7.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

macromedia

NVD

Published: 2005-12-19

Updated: 2011-03-08

Summary

Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Macromedia Macromedia Coldfusion 7.0	1

References

http://secunia.com/advisories/18078
http://securitytracker.com/id?1015371
http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html
http://www.securityfocus.com/bid/15904
http://www.vupen.com/english/advisories/2005/2948