Vulnerability Name:
CVE-2005-4344 (CCN-23681)
Assigned:
2005-12-15
Published:
2005-12-15
Updated:
2011-03-08
Summary:
Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.
CVSS v3 Severity:
4.0 Medium
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
)
Exploitability Metrics:
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Low
Availibility (A):
None
CVSS v2 Severity:
2.1 Low
(CVSS v2 Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N
)
Exploitability Metrics:
Access Vector (AV):
Local
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Partial
Availibility (A):
None
2.1 Low
(CCN CVSS v2 Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N
)
Exploitability Metrics:
Access Vector (AV):
Local
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Partial
Availibility (A):
None
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Bypass Security
References:
Source: MITRE
Type: CNA
CVE-2005-4344
Source: CCN
Type: SA18078
Macromedia ColdFusion Multiple Vulnerabilities
Source: SECUNIA
Type: Patch, Vendor Advisory
18078
Source: CCN
Type: SECTRACK ID: 1015371
ColdFusion MX Sandbox Lets Local Users Bypass CreateObject Restrictions and Obtain Authentication Information
Source: SECTRACK
Type: Patch, Vendor Advisory
1015371
Source: CCN
Type: Macromedia Security Bulletin MPSB05-14
Cumulative Security Updater for ColdFusion MX 7
Source: CONFIRM
Type: Patch
http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html
Source: CCN
Type: OSVDB ID: 21897
ColdFusion CFOBJECT /CreateObject(Java) Object Creation Restriction Bypass
Source: BID
Type: Patch
15904
Source: CCN
Type: BID-15904
Macromedia Cold Fusion MX Multiple Vulnerabilities
Source: VUPEN
Type: UNKNOWN
ADV-2005-2948
Source: XF
Type: UNKNOWN
coldfusion-call-restricted-method(23681)
Vulnerable Configuration:
Configuration 1
:
cpe:/a:macromedia:coldfusion:7.0:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:macromedia:coldfusion:7.0:*:*:*:*:*:*:*
AND
cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
OR
cpe:/o:microsoft:windows_2000_advanced_server:*:*:*:*:*:*:*:*
OR
cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows_2000:::datacenter_server:*:*:*:*:*
OR
cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
OR
cpe:/o:microsoft:windows_2000:::professional:*:*:*:*:*
OR
cpe:/a:ibm:aix_5l:-:*:*:*:*:*:*:*
OR
cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
OR
cpe:/o:microsoft:windows_2003_server:-::~~enterprise~~~:*:*:*:*:*
OR
cpe:/o:microsoft:windows_2003_server:-::~~standard~~~:*:*:*:*:*
OR
cpe:/o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:2.1::as:*:*:*:*:*
OR
cpe:/o:ibm:aix:5.3:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:10::64bit:*:*:*:*:*
OR
cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
OR
cpe:/o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
macromedia
coldfusion 7.0
macromedia
coldfusion 7.0
sun
solaris 8
microsoft
windows 2000 advanced server *
ibm
aix 5.1
microsoft
windows 2000
sun
solaris 9
microsoft
windows 2000
ibm
aix 5l -
suse
linux enterprise server 8
microsoft
windows 2003 server -
microsoft
windows 2003 server -
microsoft
windows 2003 server web
redhat
enterprise linux 3
redhat
enterprise linux 3
redhat
enterprise linux 2.1
ibm
aix 5.3
sun
solaris 10
redhat
enterprise linux 4
apple
mac os x 10.3.9
apple
mac os x 10.4.2
apple
mac os x 10.4.3
Denotes that component is vulnerable