Vulnerabilities > Macromedia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-04-22 | CVE-2002-1467 | Local File Access vulnerability in Macromedia Flash Player Arbitrary Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). | 5.0 |
| 2003-03-31 | CVE-2002-1534 | Unspecified vulnerability in Macromedia Flash Player Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share. | 5.0 |
| 2002-12-31 | CVE-2002-2187 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1/4.0 Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact. | 5.0 |
| 2002-12-31 | CVE-2002-2186 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1/4.0 Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL. | 5.0 |
| 2002-12-31 | CVE-2002-1992 | Buffer Overrun vulnerability in Macromedia Coldfusion and Coldfusion Professional Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header. | 5.0 |
| 2002-12-31 | CVE-2002-1881 | Denial Of Service vulnerability in Macromedia Flash Malformed SWF Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | 5.0 |
| 2002-12-31 | CVE-2002-1855 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1/4.0 Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | 5.0 |
| 2002-12-31 | CVE-2002-1700 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message. | 4.3 |
| 2002-12-31 | CVE-2002-1625 | Unspecified vulnerability in Macromedia Flash Player 6.0 Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (2) loadSound commands, which continue to execute until the browser is closed. | 5.0 |
| 2002-12-23 | CVE-2002-1382 | SWF Buffer Overflow vulnerability in Macromedia Flash Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846. | 7.5 |