Описание
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability".
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability".
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4343
- http://secunia.com/advisories/18078
- http://securitytracker.com/id?1015369
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.html
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html
- http://www.securityfocus.com/bid/15904
- http://www.vupen.com/english/advisories/2005/2948
EPSS
CVE ID
Связанные уязвимости
Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability".
EPSS