Vulnerability Details CVE-2004-2505
Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.219
EPSS Ranking 95.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2004-04/0184.html
- http://www.securityfocus.com/bid/10163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15895
- http://archives.neohapsis.com/archives/bugtraq/2004-04/0184.html
- http://www.securityfocus.com/bid/10163
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15895
Products affected by CVE-2004-2505
-
cpe:2.3:a:macromedia:coldfusion:5.0
-
cpe:2.3:a:macromedia:coldfusion:6.0