Lucene search

[email protected]NVD:CVE-2005-4345

HistoryDec 19, 2005 - 3:47 a.m.

CVE-2005-4345

2005-12-1903:47:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

30.4%

JSON

Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.

Affected configurations

Nvd

Node

macromediacoldfusionMatch7.0

VendorProductVersionCPE
macromediacoldfusion7.0cpe:2.3:a:macromedia:coldfusion:7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
macromedia	coldfusion	7.0	cpe:2.3:a:macromedia:coldfusion:7.0:::::::*

References

secunia.com/advisories/18078

securitytracker.com/id?1015371

www.macromedia.com/devnet/security/security_zone/mpsb05-14.html

www.securityfocus.com/bid/15904

www.vupen.com/english/advisories/2005/2948

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

30.4%

JSON

Related for NVD:CVE-2005-4345

cvelist1 cve1