Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-2505. PoCs published by K. K. Mookhey.
AI-analyzed exploit summary This exploit triggers a denial of service in Macromedia ColdFusion MX by generating an oversized error message through a malformed date string. The vulnerability is exploited by creating a long string and attempting to format it as a date, causing the server to crash or become unresponsive.
Description
Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
Exploits (1)
This exploit triggers a denial of service in Macromedia ColdFusion MX by generating an oversized error message through a malformed date string. The vulnerability is exploited by creating a long string and attempting to format it as a date, causing the server to crash or become unresponsive.