Vulnerability Description
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security controls," aka "JRun Clustered Sandbox Security Vulnerability."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Macromedia | Coldfusion | 6.0 |
References
- http://secunia.com/advisories/18078PatchVendor Advisory
- http://securitytracker.com/id?1015369PatchVendor Advisory
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.htmlPatch
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.htmlPatch
- http://www.securityfocus.com/bid/15904Patch
- http://www.vupen.com/english/advisories/2005/2948
- http://secunia.com/advisories/18078PatchVendor Advisory
- http://securitytracker.com/id?1015369PatchVendor Advisory
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-12.htmlPatch
- http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.htmlPatch
- http://www.securityfocus.com/bid/15904Patch
- http://www.vupen.com/english/advisories/2005/2948
FAQ
What is CVE-2005-4342?
CVE-2005-4342 is a vulnerability with a CVSS score of 7.5 (HIGH). ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "...
How severe is CVE-2005-4342?
CVE-2005-4342 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4342?
Check the references section above for vendor advisories and patch information. Affected products include: Macromedia Coldfusion.