PT-2004-3099 · Macromedia · Macromedia Coldfusion Mx

Published

2004-12-31

Updated

2017-07-11

CVE-2004-2204

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Macromedia ColdFusion MX versions 6.0 through 6.1

Description The issue allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that utilize the CreateObject function or CFOBJECT tag.

Recommendations For Macromedia ColdFusion MX versions 6.0 through 6.1, consider disabling the CreateObject function or CFOBJECT tag to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2204

Affected Products

Macromedia Coldfusion Mx

PT-2004-3099 · Macromedia · Macromedia Coldfusion Mx

CVE-2004-2204

Related Identifiers

Affected Products

References · 7