Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote malicious users to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 4.0
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
Hitachi Cosminexus Server Web 01-01 1
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
NA
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Hitachi Cosminexus Enterprise 01 02 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
NA
CVE-2005-4216
The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote malicious users to cause a denial of service (application crash) via a malformed request with a single character to port 1111.
Macromedia Flash Media Server 2.0
Macromedia Flash Media Server 2.0 R1145
1 EDB exploit
NA
CVE-2005-3901
Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows malicious users to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133).
Macromedia Flash Communication Server 1.5
Macromedia Flash Communication Server 1.0
NA
CVE-2003-0208
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote malicious users to insert arbitrary Javascript via the clickTAG field.
Macromedia Flash
NA
CVE-2002-1310
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and previous versions allows remote malicious users to execute arbitrary via an HTTP GET request with a long .jsp file name.
Macromedia Jrun
NA
CVE-2000-1049
Allaire JRun 3.0 http servlet server allows remote malicious users to cause a denial of service via a URL that contains a long string of "." characters.
Macromedia Jrun 3.0
NA
CVE-2004-0407
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote malicious users to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish.
Macromedia Coldfusion 6.1
NA
CVE-2007-1403
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote malicious users to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4)...
Macromedia Shockwave 10.1.4.20
1 EDB exploit
NA
CVE-2000-1050
Allaire JRun 3.0 http servlet server allows remote malicious users to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
Macromedia Jrun 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »