CVE-2007-5905

Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions via unspecified vectors that trigger establishment of a session to a ColdFusion application in which the (1) CFID or (2) CFTOKEN cookies have empty values, possibly due to a session fixation vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:adobe:coldfusion:7.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:8.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-11-15 20:46

Updated : 2024-02-04 17:13


NVD link : CVE-2007-5905

Mitre link : CVE-2007-5905

CVE.ORG link : CVE-2007-5905


JSON object : View

Products Affected

adobe

  • coldfusion
CWE
CWE-255

Credentials Management Errors