Vulnerability in Macromedia Coldfusion

CVE-2004-1816

Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).

EPSS: 0.026 (83.6th percentile) — read the EPSS interpretation.

Affected products

Macromedia Coldfusion — versions 6.0, 6.1
Macromedia Jrun — versions 4.0, 4.0_build_61650
Sun One_application_server — versions 7.0
N/a — versions n/a

References

cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (vendor-advisory, Patch, x_refsource_SUNALERT, Vendor Advisory)
cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)