Lucene search

[email protected]NVD:CVE-2004-0928

HistoryOct 05, 2004 - 4:00 a.m.

CVE-2004-0928

2004-10-0504:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.139

Percentile

95.7%

JSON

The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in “;.cfm”.

Affected configurations

Nvd

Node

hitachicosminexus_enterpriseMatch01_01_1enterprise

hitachicosminexus_enterpriseMatch01_01_1standard

hitachicosminexus_enterpriseMatch01_02_2enterprise

hitachicosminexus_enterpriseMatch01_02_2standard

hitachicosminexus_serverMatchweb_01-01_1

hitachicosminexus_serverMatchweb_01-01_2

macromediacoldfusionMatch6.0

macromediacoldfusionMatch6.1

macromediajrunMatch3.0

macromediajrunMatch3.1

macromediajrunMatch4.0

VendorProductVersionCPE
hitachicosminexus_enterprise01_01_1cpe:2.3:a:hitachi:cosminexus_enterprise:01_01_1:*:enterprise:*:*:*:*:*
hitachicosminexus_enterprise01_01_1cpe:2.3:a:hitachi:cosminexus_enterprise:01_01_1:*:standard:*:*:*:*:*
hitachicosminexus_enterprise01_02_2cpe:2.3:a:hitachi:cosminexus_enterprise:01_02_2:*:enterprise:*:*:*:*:*
hitachicosminexus_enterprise01_02_2cpe:2.3:a:hitachi:cosminexus_enterprise:01_02_2:*:standard:*:*:*:*:*
hitachicosminexus_serverweb_01-01_1cpe:2.3:a:hitachi:cosminexus_server:web_01-01_1:*:*:*:*:*:*:*
hitachicosminexus_serverweb_01-01_2cpe:2.3:a:hitachi:cosminexus_server:web_01-01_2:*:*:*:*:*:*:*
macromediacoldfusion6.0cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:*
macromediacoldfusion6.1cpe:2.3:a:macromedia:coldfusion:6.1:*:*:*:*:*:*:*
macromediajrun3.0cpe:2.3:a:macromedia:jrun:3.0:*:*:*:*:*:*:*
macromediajrun3.1cpe:2.3:a:macromedia:jrun:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hitachi	cosminexus_enterprise	01_01_1	cpe:2.3:a:hitachi:cosminexus_enterprise:01_01_1::enterprise:::::
hitachi	cosminexus_enterprise	01_01_1	cpe:2.3:a:hitachi:cosminexus_enterprise:01_01_1::standard:::::
hitachi	cosminexus_enterprise	01_02_2	cpe:2.3:a:hitachi:cosminexus_enterprise:01_02_2::enterprise:::::
hitachi	cosminexus_enterprise	01_02_2	cpe:2.3:a:hitachi:cosminexus_enterprise:01_02_2::standard:::::
hitachi	cosminexus_server	web_01-01_1	cpe:2.3:a:hitachi:cosminexus_server:web_01-01_1:::::::*
hitachi	cosminexus_server	web_01-01_2	cpe:2.3:a:hitachi:cosminexus_server:web_01-01_2:::::::*
macromedia	coldfusion	6.0	cpe:2.3:a:macromedia:coldfusion:6.0:::::::*
macromedia	coldfusion	6.1	cpe:2.3:a:macromedia:coldfusion:6.1:::::::*
macromedia	jrun	3.0	cpe:2.3:a:macromedia:jrun:3.0:::::::*
macromedia	jrun	3.1	cpe:2.3:a:macromedia:jrun:3.1:::::::*

Rows per page:

1-10 of 111

References

marc.info/?l=bugtraq&m=109621995623823&w=2

secunia.com/advisories/12638/

secunia.com/advisories/12647/

www.idefense.com/application/poi/display?id=148&type=vulnerabilities

www.kb.cert.org/vuls/id/977440

www.macromedia.com/devnet/security/security_zone/mpsb04-08.html

www.macromedia.com/devnet/security/security_zone/mpsb04-09.html

www.securityfocus.com/bid/11245

exchange.xforce.ibmcloud.com/vulnerabilities/17484

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.139

Percentile

95.7%

JSON

Related for NVD:CVE-2004-0928

checkpoint_advisories1 cvelist1 cve2 securityvulns1 nvd1 nessus1