7.2
CVE-2004-2204
- EPSS 0.35%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:09:13
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Macromedia ≫ Coldfusion Version6.0
Macromedia ≫ Coldfusion Version6.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.263 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://secunia.com/advisories/12693
http://www.macromedia.com/devnet/security/security_zone/mpsb04-10.html
http://www.osvdb.org/10718
http://www.securityfocus.com/archive/1/377213
http://www.securityfocus.com/bid/11364
https://exchange.xforce.ibmcloud.com/vulnerabilities/17567