CVE-2005-4343

Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability".
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:*
cpe:2.3:a:macromedia:coldfusion:6.1:*:*:*:*:*:*:*
cpe:2.3:a:macromedia:coldfusion:6.1:*:enterprise_with_jrun:*:*:*:*:*
cpe:2.3:a:macromedia:coldfusion:6.1:*:j2ee_application_server:*:*:*:*:*
cpe:2.3:a:macromedia:coldfusion:7.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:04

Type Values Removed Values Added
References () http://secunia.com/advisories/18078 - Patch, Vendor Advisory () http://secunia.com/advisories/18078 - Patch, Vendor Advisory
References () http://securitytracker.com/id?1015369 - Patch, Vendor Advisory () http://securitytracker.com/id?1015369 - Patch, Vendor Advisory
References () http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.html - Patch () http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.html - Patch
References () http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html - Patch () http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html - Patch
References () http://www.securityfocus.com/bid/15904 - Patch () http://www.securityfocus.com/bid/15904 - Patch
References () http://www.vupen.com/english/advisories/2005/2948 - () http://www.vupen.com/english/advisories/2005/2948 -

Information

Published : 2005-12-19 03:47

Updated : 2024-11-21 00:04


NVD link : CVE-2005-4343

Mitre link : CVE-2005-4343

CVE.ORG link : CVE-2005-4343


JSON object : View

Products Affected

macromedia

  • coldfusion