Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0770

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-0770
Last Modified 14 Mar 2012 12:00:00
Published 13 Mar 2012 06:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0770

Summary

Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

Vulnerable Systems

Application

  • Adobe Coldfusion 8.0

  • Adobe Coldfusion 8.0.1

  • Adobe Coldfusion 9.0

  • Adobe Coldfusion 9.0.1


References

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb12-06.html


Last Updated: 27 May 2016 10:57:27