CVE-2004-1815

Name of the Vulnerable Software and Affected Versions ColdFusion MX versions 6.0 through 6.1 JRun version 4.0

Description The issue allows remote attackers to cause a denial of service due to memory consumption when a SOAP web service expects an array of objects as an argument.

Recommendations For ColdFusion MX versions 6.0 through 6.1, consider restricting the use of SOAP web services that expect arrays of objects as arguments until a fix is available. For JRun version 4.0, avoid using SOAP web services with array of objects as arguments to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.