Filtered by vendor Macromedia
Subscribe
Total
116 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2204 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | 7.2 HIGH | N/A |
| Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT. | |||||
| CVE-2005-2306 | 1 Macromedia | 2 Coldfusion, Jrun | 2025-04-03 | 3.7 LOW | N/A |
| Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users. | |||||
| CVE-2005-4473 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote attackers to view web application source code via "a malformed URL." | |||||
| CVE-2004-1816 | 2 Macromedia, Sun | 3 Coldfusion, Jrun, One Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | |||||
| CVE-2005-3900 | 1 Macromedia | 1 Breeze | 2025-04-03 | 7.8 HIGH | N/A |
| Macromedia Breeze Communication Server and Breeze Live Server does 5.1 and earlier not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133). | |||||
| CVE-2005-2628 | 1 Macromedia | 1 Flash Player | 2025-04-03 | 5.1 MEDIUM | N/A |
| Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer. | |||||
| CVE-2002-2186 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL. | |||||
| CVE-2005-4216 | 1 Macromedia | 1 Flash Media Server | 2025-04-03 | 7.8 HIGH | N/A |
| The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote attackers to cause a denial of service (application crash) via a malformed request with a single character to port 1111. | |||||
| CVE-2005-4472 | 1 Macromedia | 1 Jrun | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters. | |||||
| CVE-2005-1022 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | 5.0 MEDIUM | N/A |
| ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2001-1511 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "jsp%00" or (2) "js%2570". | |||||
| CVE-2001-1427 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors. | |||||
| CVE-2004-0407 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | 2.6 LOW | N/A |
| The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish. | |||||
| CVE-2000-0539 | 1 Macromedia | 1 Jrun | 2025-04-03 | 6.4 MEDIUM | N/A |
| Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet. | |||||
| CVE-2003-0208 | 1 Macromedia | 1 Flash | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field. | |||||
| CVE-1999-1454 | 1 Macromedia | 1 Matrix Screen Saver | 2025-04-03 | 4.6 MEDIUM | N/A |
| Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key. | |||||
| CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2025-04-03 | 5.0 MEDIUM | N/A |
| Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | |||||
| CVE-2000-1049 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters. | |||||
| CVE-2004-1815 | 2 Macromedia, Sun | 3 Coldfusion, Jrun, One Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | |||||
| CVE-2002-2187 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact. | |||||