Vulnerabilities > Macromedia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-01-05 | CVE-2003-1017 | Unspecified vulnerability in Macromedia Director and Flash Player Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names. | 5.0 |
| 2003-12-31 | CVE-2003-1469 | Information Exposure vulnerability in Macromedia Coldfusion and Coldfusion Professional The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | 5.0 |
| 2003-05-05 | CVE-2003-0208 | Cross-Site Scripting vulnerability in Macromedia Flash Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field. network macromedia | 4.3 |
| 2003-04-22 | CVE-2002-1467 | Local File Access vulnerability in Macromedia Flash Player Arbitrary Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). | 5.0 |
| 2003-03-31 | CVE-2002-1534 | Unspecified vulnerability in Macromedia Flash Player Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share. | 5.0 |
| 2002-12-31 | CVE-2002-2187 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1/4.0 Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact. | 5.0 |
| 2002-12-31 | CVE-2002-2186 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1/4.0 Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL. | 5.0 |
| 2002-12-31 | CVE-2002-1992 | Buffer Overrun vulnerability in Macromedia Coldfusion and Coldfusion Professional Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header. | 5.0 |
| 2002-12-31 | CVE-2002-1881 | Denial Of Service vulnerability in Macromedia Flash Malformed SWF Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | 5.0 |
| 2002-12-31 | CVE-2002-1855 | Unspecified vulnerability in Macromedia Jrun 3.0/3.1/4.0 Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | 5.0 |