7.2

CVE-2004-2204

Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MacromediaColdfusion Version6.0
MacromediaColdfusion Version6.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.263
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/12693
Vendor Advisory
http://www.macromedia.com/devnet/security/security_zone/mpsb04-10.html
Vendor Advisory
http://www.osvdb.org/10718
http://www.securityfocus.com/archive/1/377213
http://www.securityfocus.com/bid/11364
https://exchange.xforce.ibmcloud.com/vulnerabilities/17567