Vulnerabilities > Macromedia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-31 | CVE-2001-1510 | Unspecified vulnerability in Macromedia Jrun 2.3.3/3.0/3.1 Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL. | 5.0 |
| 2001-11-28 | CVE-2001-0926 | Unspecified vulnerability in Macromedia Jrun 2.3.3/3.0/3.1 SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement. | 5.0 |
| 2001-05-03 | CVE-2001-0179 | Unspecified vulnerability in Macromedia Jrun 3.0 Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "." | 5.0 |
| 2000-12-11 | CVE-2000-1052 | Unspecified vulnerability in Macromedia Jrun 2.3.X Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet. | 5.0 |
| 2000-12-11 | CVE-2000-1051 | Unspecified vulnerability in Macromedia Jrun 2.3.X Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet. | 5.0 |
| 2000-12-11 | CVE-2000-1050 | Unspecified vulnerability in Macromedia Jrun 3.0 Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash"). | 5.0 |
| 2000-12-11 | CVE-2000-1049 | Unspecified vulnerability in Macromedia Jrun 3.0 Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters. | 5.0 |
| 2000-06-22 | CVE-2000-0540 | Unspecified vulnerability in Macromedia Jrun 2.3 JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. | 5.0 |
| 2000-06-22 | CVE-2000-0539 | Unspecified vulnerability in Macromedia Jrun 2.3 Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. | 6.4 |
| 1999-10-04 | CVE-1999-1454 | Unspecified vulnerability in Macromedia Matrix Screen Saver Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key. | 4.6 |