CVE-2005-4345

Published: Dec 19, 2005Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.

Affected (1)

Products: Macromedia: Coldfusion

Macromedia

1 product

Coldfusion

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Macromedia Coldfusion	Version 7.0

References (10)

http://secunia.com/advisories/18078

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1015371

Source: cve@mitre.org

PatchVendor Advisory

http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/15904

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2005/2948

Source: cve@mitre.org

http://secunia.com/advisories/18078