Vulnerabilities > Macromedia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-11-29 | CVE-2002-1310 | Buffer Overrun vulnerability in Macromedia JRun IIS ISAPI Filter GET Request Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name. | 7.5 |
| 2002-11-29 | CVE-2002-1309 | Remote Security vulnerability in Macromedia Coldfusion 6.0 Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name. | 7.5 |
| 2002-10-04 | CVE-2002-1027 | Cross-Site Scripting vulnerability in Macromedia Sitespring 1.2.0 Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter. | 7.5 |
| 2002-10-04 | CVE-2002-1026 | Denial Of Service vulnerability in Macromedia Sitespring 1.2.0 Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow. | 5.0 |
| 2002-10-04 | CVE-2002-1025 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1/4.0 JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed. | 5.0 |
| 2002-10-04 | CVE-2002-0937 | Denial Of Service vulnerability in Macromedia Jrun 3.0/3.1/4.0 The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null). | 5.0 |
| 2002-08-12 | CVE-2002-0846 | Buffer Overflow vulnerability in Macromedia Flash Malformed Header The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length. | 7.5 |
| 2002-08-12 | CVE-2002-0801 | Buffer Overflow vulnerability in Macromedia JRun Host Header Field Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file. | 10.0 |
| 2002-08-12 | CVE-2002-0477 | Unspecified vulnerability in Macromedia Flash Player 5.0 Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand. | 7.5 |
| 2002-08-12 | CVE-2002-0476 | Unspecified vulnerability in Macromedia Flash Player 5.0 Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand. | 5.0 |