Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2505


Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2505
Last Modified 05 Sep 2008 04:44:19
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.

Vulnerable Systems


  • Macromedia Coldfusion 5.0

  • Macromedia Coldfusion 6.0


BID - 10163

XF - coldfusion-file-upload-dos(15895)

BUGTRAQ - 20040417 Network Intelligence Advisory - Denial of Service Vulnerability in ColdFusion MX

Last Updated: 27 May 2016 10:39:30