Search...

CVE-2005-4344

2005-12-18T22:47:00

ID CVE-2005-4344
Type cve
Reporter NVD
Modified 2011-03-07T21:28:01

Description

Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.

JSON Vulners Source

Initial Source

{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4344", "history": [], "references": ["http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html", "http://securitytracker.com/id?1015371", "http://www.securityfocus.com/bid/15904", "http://www.vupen.com/english/advisories/2005/2948"], "lastseen": "2016-09-03T06:09:59", "bulletinFamily": "NVD", "title": "CVE-2005-4344", "cpe": ["cpe:/a:macromedia:coldfusion:7.0"], "viewCount": 0, "id": "CVE-2005-4344", "hash": "f7b57978b5222f86b210991ea81a788911d096f15f7489746bee259a1218c9d6", "description": "Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.", "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "cvelist": ["CVE-2005-4344"], "scanner": [], "modified": "2011-03-07T21:28:01", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "objectVersion": "1.2", "reporter": "NVD", "type": "cve", "published": "2005-12-18T22:47:00", "enchantments": {"score": {"value": 2.1, "vector": "NONE", "modified": "2016-09-03T06:09:59"}, "vulnersScore": 2.1}}

{"result": {"osvdb": [{"lastseen": "2017-04-28T13:20:18", "references": [], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html)\nSecurity Tracker: 1015371\n[Secunia Advisory ID:18078](https://secuniaresearch.flexerasoftware.com/advisories/18078/)\n[Related OSVDB ID: 21898](https://vulners.com/osvdb/OSVDB:21898)\n[Related OSVDB ID: 21899](https://vulners.com/osvdb/OSVDB:21899)\n[Related OSVDB ID: 22865](https://vulners.com/osvdb/OSVDB:22865)\nKeyword: MPSB05-14\nFrSIRT Advisory: ADV-2005-2948\n[CVE-2005-4344](https://vulners.com/cve/CVE-2005-4344)\nBugtraq ID: 15904\n", "reporter": "OSVDB", "published": "2005-12-15T08:47:55", "title": "ColdFusion CFOBJECT /CreateObject(Java) Object Creation Restriction Bypass", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2005-4344"], "modified": "2005-12-15T08:47:55", "href": "https://vulners.com/osvdb/OSVDB:21897", "id": "OSVDB:21897", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}}