Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Hitachi Cosminexus Enterprise 01 02 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
5
CVSSv2
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote malicious users to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 4.0
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
Hitachi Cosminexus Server Web 01-01 1
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
7.8
CVSSv2
CVE-2005-3901
Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows malicious users to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133).
Macromedia Flash Communication Server 1.5
Macromedia Flash Communication Server 1.0
7.8
CVSSv2
CVE-2005-4216
The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote malicious users to cause a denial of service (application crash) via a malformed request with a single character to port 1111.
Macromedia Flash Media Server 2.0
Macromedia Flash Media Server 2.0 R1145
1 EDB exploit
4.3
CVSSv2
CVE-2003-0208
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote malicious users to insert arbitrary Javascript via the clickTAG field.
Macromedia Flash
7.5
CVSSv2
CVE-2002-1310
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and previous versions allows remote malicious users to execute arbitrary via an HTTP GET request with a long .jsp file name.
Macromedia Jrun
7.5
CVSSv2
CVE-2002-0846
The decoder for Macromedia Shockwave Flash allows remote malicious users to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
Macromedia Shockwave Flash
7.5
CVSSv2
CVE-2002-1309
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote malicious users to execute arbitrary via an HTTP GET request with a long .cfm file name.
Macromedia Coldfusion 6.0
5
CVSSv2
CVE-2001-0179
Allaire JRun 3.0 allows remote malicious users to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "."
Macromedia Jrun 3.0
5
CVSSv2
CVE-2000-1049
Allaire JRun 3.0 http servlet server allows remote malicious users to cause a denial of service via a URL that contains a long string of "." characters.
Macromedia Jrun 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »