Vulnerability Details CVE-2005-4345
Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.3%
CVSS Severity
CVSS v2 Score 7.2
References
- http://secunia.com/advisories/18078
- http://securitytracker.com/id?1015371
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html
- http://www.securityfocus.com/bid/15904
- http://www.vupen.com/english/advisories/2005/2948
- http://secunia.com/advisories/18078
- http://securitytracker.com/id?1015371
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html
- http://www.securityfocus.com/bid/15904
- http://www.vupen.com/english/advisories/2005/2948
Products affected by CVE-2005-4345
-
cpe:2.3:a:macromedia:coldfusion:7.0