Denial of Service Vulnerability in ColdFusion MX and JRun by Adobe
CVE-2004-1815

Currently unrated

Key Information:

Vendor: Oracle
Status: One Application Server; Jrun; Coldfusion
Vendor: CVE Published:; 15 March 2004

Summary

An unknown vulnerability exists in ColdFusion MX versions 6.0 and 6.1, as well as JRun 4.0. This flaw occurs when a SOAP web service receives an array of objects as an argument, potentially allowing remote attackers to exploit the service, leading to memory consumption issues and resulting in denial of service conditions.

References

http://marc.info/?l=bugtraq&m=107936690702515&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/11132

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/15473

vdb-entryx_refsource_XF

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
May 4, 2005
Vulnerability published
Mar 15, 2004