← back
CVE-2004-2204

CVE-2004-2204

EPSS 0.3%
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/12693https://exchange.xforce.ibmcloud.com/vulnerabilities/17567http://www.macromedia.com/devnet/security/security_zone/mpsb04-10.htmlhttp://www.osvdb.org/10718http://www.securityfocus.com/archive/1/377213http://www.securityfocus.com/bid/11364