VYPR
Unrated severityNVD Advisory· Published Dec 19, 2005· Updated Jun 16, 2026

CVE-2005-4343

CVE-2005-4343

Description

Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:macromedia:coldfusion:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:macromedia:coldfusion:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:macromedia:coldfusion:6.1:*:enterprise_with_jrun:*:*:*:*:*
    • cpe:2.3:a:macromedia:coldfusion:6.1:*:j2ee_application_server:*:*:*:*:*
    • cpe:2.3:a:macromedia:coldfusion:7.0:*:*:*:*:*:*:*
  • Range: 6.0, 6.1, 6.1 with JRun, 7.0

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.