Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1555

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-1555
Last Modified 05 Sep 2008 04:49:27
Published 10 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-1555

Summary

Cross-site scripting (XSS) vulnerability in the JRun Web Server in ColdFusion MX 7.0 allows remote attackers to inject arbitrary script or HTML via the URL, which is not properly quoted in the resulting default 404 error page.

Vulnerable Systems

Application

  • Macromedia Coldfusion 7.0


References

XF - coldfusion-mx7-default-page-xss(20550)

CONFIRM - http://www.macromedia.com/devnet/security/security_zone/mpsb05-03.html

BUGTRAQ - 20050510 New Macromedia Security Zone Bulletin Posted


Last Updated: 27 May 2016 10:40:12