CVE-2004-1815

Description

Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).

Affected products

• macromedia / coldfusion6.0 – 6.0
• macromedia / coldfusion6.1 – 6.1
• macromedia / jrun4.0 – 4.0
• macromedia / jrun4.0 – 4.0
• macromedia / jrun4.0 – 4.0
• macromedia / jrun4.0_build_61650 – 4.0_build_61650
• sun / one_application_server7.0 – 7.0
• sun / one_application_server7.0 – 7.0
• sun / one_application_server7.0 – 7.0
• sun / one_application_server7.0 – 7.0
• sun / one_application_server7.0 – 7.0
• sun / one_application_server7.0 – 7.0

References

• MAILING_LISThttp://marc.info/?l=bugtraq&m=107936690702515&w=2
• VENDOR_ADVISORYhttp://secunia.com/advisories/11132
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15473
• MISChttp://www.macromedia.com/devnet/security/security_zone/mpsb04-04.html
• MISChttp://www.securityfocus.com/bid/9877