Back to search
CVE-2004-2331
Published: Aug 16, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html
x_refsource_CONFIRM
coldfusion-mx-sandbox-bypass(14984)
vdb-entry
x_refsource_XF
9521
vdb-entry
x_refsource_BID
10743
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now