CVE-2005-4345 Information

Description

Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call which allows local developers to obtain the hash and gain privileges.

Reference

http://secunia.com/advisories/18078 http://securitytracker.com/id?1015371 http://www.macromedia.com/devnet/security/security_zone/mpsb05-14.html http://www.securityfocus.com/bid/15904 http://www.vupen.com/english/advisories/2005/2948