CVE-2005-4342

{"id": "CVE-2005-4342", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-12-19T03:47:00.000", "references": [{"url": "http://secunia.com/advisories/18078", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015369", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15904", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2005/2948", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18078", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015369", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/15904", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2005/2948", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to \"bypass security controls,\" aka \"JRun Clustered Sandbox Security Vulnerability.\""}, {"lang": "es", "value": "ColdFusion Sandbox en Adobe (antes Macromedia) ColdFusion MX 6.0, 6.1, 6.1 con JRun, y 7.0, no lanza una excepci\u00f3n si el SecurityManager est\u00e1 inhabilitado, lo que podr\u00eda permitir a atacantes remotos \"evitar controles de seguridad\", tcc \"Vulnerabilidad de Seguridad de Caja de Arena de JRun Agrupado\""}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B79C39FD-D9A0-4CA4-BF37-D94D9F20E4C1"}, {"criteria": "cpe:2.3:a:macromedia:coldfusion:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2C65BE0-32FA-4D51-AA2B-E7D630470D19"}, {"criteria": "cpe:2.3:a:macromedia:coldfusion:6.1:*:enterprise_with_jrun:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88FB2C4B-E22D-4469-AD12-403A8E8B260C"}, {"criteria": "cpe:2.3:a:macromedia:coldfusion:6.1:*:j2ee_application_server:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E448558-A9F6-4506-AA6D-688C73CEC61E"}, {"criteria": "cpe:2.3:a:macromedia:coldfusion:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "921E5A6D-8476-401B-9A18-BDBC07CA1CDB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}