Description
Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data.
Affected products
- macromedia / coldfusion5.0 – 5.0
- macromedia / coldfusion6.0 – 6.0