Skip to content
Saturday, December 6, 2025
Medium Published: Dec 19, 2005 Modified: Apr 03, 2025

CVE-2005-4343

5 CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Share:

Description

Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability".

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality None
Integrity P
Availability None

Affected Software Configurations

  • a macromedia coldfusion 6.0 * * * * * * *
  • a macromedia coldfusion 6.1 * * * * * * *
  • a macromedia coldfusion 6.1 * enterprise_with_jrun * * * * *
  • a macromedia coldfusion 6.1 * j2ee_application_server * * * * *
  • a macromedia coldfusion 7.0 * * * * * * *

Weaknesses (CWE)

  • NVD-CWE-Other

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More
← Back to CVE Tracker