Lucene search
HistoryDec 19, 2005 - 3:47 a.m.
CVE-2005-4342
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.007
Percentile
80.8%
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to “bypass security controls,” aka “JRun Clustered Sandbox Security Vulnerability.”
Affected configurations
Node
macromediacoldfusionMatch6.0
ORmacromediacoldfusionMatch6.1
ORmacromediacoldfusionMatch6.1enterprise_with_jrun
ORmacromediacoldfusionMatch6.1j2ee_application_server
ORmacromediacoldfusionMatch7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| macromedia | coldfusion | 6.0 | cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:* |
| macromedia | coldfusion | 6.1 | cpe:2.3:a:macromedia:coldfusion:6.1:*:*:*:*:*:*:* |
| macromedia | coldfusion | 6.1 | cpe:2.3:a:macromedia:coldfusion:6.1:*:enterprise_with_jrun:*:*:*:*:* |
| macromedia | coldfusion | 6.1 | cpe:2.3:a:macromedia:coldfusion:6.1:*:j2ee_application_server:*:*:*:*:* |
| macromedia | coldfusion | 7.0 | cpe:2.3:a:macromedia:coldfusion:7.0:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.007
Percentile
80.8%
Related for NVD:CVE-2005-4342