Macromedia JRun 4/ColdFusion MX XML Parser Denial Of Service Vulnerability

A denial of service vulnerability has been reported for Macromedia JRun and ColdFusion MX. The vulnerability occurs in the XML parser used by these products.

An attacker can exploit this vulnerability by sending a specially crafted message to the SOAP interface used by JRun and ColdFusion MX. When the XML parser receives this message, it will consume all available CPU resources thereby resulting in a denial of service condition.


 

Privacy Statement
Copyright 2010, SecurityFocus