CVE-2004-1815
ColdFusion MX 6.0-6.1 and JRun 4.0 - Denial of Service via SOAP Array Argument
Title source: llmDescription
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
References (5)
Core 5
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107936690702515&w=2
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11132
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15473
Patch, Vendor Advisory x_refsource_confirm
http://www.macromedia.com/devnet/security/security_zone/mpsb04-04.html
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9877
Scores
EPSS
0.0859
EPSS Percentile
92.5%
Details
Status
published
Products (5)
macromedia/coldfusion
6.0
macromedia/coldfusion
6.1
macromedia/jrun
4.0 (3 CPE variants)
macromedia/jrun
4.0_build_61650
sun/one_application_server
7.0 (6 CPE variants)
Published
Mar 15, 2004
Tracked Since
Feb 18, 2026