CVE-2007-5905

Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions via unspecified vectors that trigger establishment of a session to a ColdFusion application in which the (1) CFID or (2) CFTOKEN cookies have empty values, possibly due to a session fixation vulnerability.
Configurations

Configuration 1

cpe:2.3:a:adobe:coldfusion:8.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:coldfusion:7.0:*:*:*:*:*:*:*

Information

Published : 2007-11-15 08:46

Updated : 2017-07-29 01:33


NVD link : CVE-2007-5905

Mitre link : CVE-2007-5905

Products Affected
No products.
CWE