Lucene search
HistoryDec 31, 2004 - 5:00 a.m.
CVE-2004-2505
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
High
EPSS
0.023
Percentile
89.6%
Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
Affected configurations
Node
macromediacoldfusionMatch5.0
ORmacromediacoldfusionMatch6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| macromedia | coldfusion | 5.0 | cpe:2.3:a:macromedia:coldfusion:5.0:*:*:*:*:*:*:* |
| macromedia | coldfusion | 6.0 | cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service
2004-04-17 00:00:00
cvelist
cvelist
CVE-2004-2505
2005-10-25 04:00:00
cve
cve
CVE-2004-2505
2005-10-25 04:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
High
EPSS
0.023
Percentile
89.6%
Related for NVD:CVE-2004-2505