CVE-2005-4342
Published Dec 19, 2005
Last updated 14 years ago
Overview
- Description
- ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security controls," aka "JRun Clustered Sandbox Security Vulnerability."
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B79C39FD-D9A0-4CA4-BF37-D94D9F20E4C1"
},
{
"criteria": "cpe:2.3:a:macromedia:coldfusion:6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2C65BE0-32FA-4D51-AA2B-E7D630470D19"
},
{
"criteria": "cpe:2.3:a:macromedia:coldfusion:6.1:*:enterprise_with_jrun:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88FB2C4B-E22D-4469-AD12-403A8E8B260C"
},
{
"criteria": "cpe:2.3:a:macromedia:coldfusion:6.1:*:j2ee_application_server:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E448558-A9F6-4506-AA6D-688C73CEC61E"
},
{
"criteria": "cpe:2.3:a:macromedia:coldfusion:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "921E5A6D-8476-401B-9A18-BDBC07CA1CDB"
}
],
"operator": "OR"
}
]
}
]