← Back

CVE-2005-2306

nvd nist
Published: Jul 19, 2005Modified: Apr 16, 2026

JSON object

Loading...
3.7
Vector
AV:L/AC:H/Au:N/C:P/I:P/A:P
Exploitability: 1.9 / Impact: 6.4
Source: NVD

Description

Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users.

Affected (3)

Macromedia
2 products
Coldfusion
Jrun
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Macromedia
Coldfusion
Version 6.1
Coldfusion
Version 7.0
Jrun
Version 4.0

References (6)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.