ColdFusion MX 6.1 and 6.1 J2EE allows remote malicious users to cause a denial of service via an HTTP request containing a large number of form fields.
macromedia coldfusion 6.1
Vulmon