CVE-2004-2204
First published: Fri Dec 31 2004(Updated: )
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe ColdFusion | =6.0 | |
| Adobe ColdFusion | =6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-2204?
CVE-2004-2204 is considered a medium-risk vulnerability that can lead to unauthorized access to administrative passwords.
How do I fix CVE-2004-2204?
To fix CVE-2004-2204, disable the CreateObject function and CFOBJECT tag to prevent local users from executing unauthorized CFML scripts.
Who is affected by CVE-2004-2204?
CVE-2004-2204 affects users running Macromedia ColdFusion MX versions 6.0 and 6.1 with the CreateObject function or CFOBJECT tag enabled.
What are the potential impacts of CVE-2004-2204?
The potential impacts of CVE-2004-2204 include unauthorized activities and acquisition of sensitive administrative passwords.
Is CVE-2004-2204 still a concern today?
While CVE-2004-2204 pertains to older software versions, organizations still using ColdFusion MX 6.0 or 6.1 should consider it a concern.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/macromedia
- product/coldfusion
- canonical/macromedia coldfusion
- canonical/adobe coldfusion
- version/adobe coldfusion/6.0
- version/adobe coldfusion/6.1