Vulnerabilities > Macromedia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-31 | CVE-2001-1513 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1 Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx. | 7.5 |
| 2001-10-30 | CVE-2001-0535 | Unspecified vulnerability in Macromedia Coldfusion Server 4.X Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script. | 7.5 |
| 2001-07-11 | CVE-2001-1427 | Unspecified vulnerability in Macromedia Coldfusion Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors. | 7.5 |
| 2001-07-02 | CVE-2001-1084 | Cross-Site Scripting vulnerability in Macromedia Jrun 2.3.3/3.0 Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message. | 7.5 |
| 2001-03-26 | CVE-2001-0166 | Unspecified vulnerability in Macromedia Shockwave Flash Plugin 6.0/7.0/8.0 Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. | 7.6 |