Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-1999-1271
Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.
Macromedia Dreamweaver Initial
2.1
CVSSv2
CVE-2005-4344
Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.
Macromedia Coldfusion 7.0
5
CVSSv2
CVE-2005-1022
ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote malicious users to obtain sensitive information.
Macromedia Coldfusion 6.1
5
CVSSv2
CVE-2000-1049
Allaire JRun 3.0 http servlet server allows remote malicious users to cause a denial of service via a URL that contains a long string of "." characters.
Macromedia Jrun 3.0
2.1
CVSSv2
CVE-2005-3112
The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords.
Macromedia Breeze 5
5
CVSSv2
CVE-2000-1050
Allaire JRun 3.0 http servlet server allows remote malicious users to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
Macromedia Jrun 3.0
1 EDB exploit
6.4
CVSSv2
CVE-2001-1512
Unknown vulnerability in Allaire JRun 3.1 allows remote malicious users to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050.
Macromedia Jrun 3.1
5
CVSSv2
CVE-2001-0179
Allaire JRun 3.0 allows remote malicious users to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "."
Macromedia Jrun 3.0
2.6
CVSSv2
CVE-2004-0407
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote malicious users to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish.
Macromedia Coldfusion 6.1
7.5
CVSSv2
CVE-2007-1403
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote malicious users to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4)...
Macromedia Shockwave 10.1.4.20
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »