Page 12 of 116 results (0.003 seconds)

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

CVE-2004-2330

https://notcve.org/view.php?id=CVE-2004-2330

ColdFusion MX 6.1 and 6.1 J2EE allows remote attackers to cause a denial of service via an HTTP request containing a large number of form fields. • http://secunia.com/advisories/10743 http://www.macromedia.com/devnet/security/security_zone/mpsb04-02.html http://www.securityfocus.com/bid/9522 https://exchange.xforce.ibmcloud.com/vulnerabilities/14983 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

CVE-2004-2335

https://notcve.org/view.php?id=CVE-2004-2335

The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program. • http://secunia.com/advisories/11123 http://www.macromedia.com/devnet/security/security_zone/mpsb04-03.html http://www.securityfocus.com/bid/9862 https://exchange.xforce.ibmcloud.com/vulnerabilities/15465 •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2004-2331

https://notcve.org/view.php?id=CVE-2004-2331

ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag. • http://secunia.com/advisories/10743 http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html http://www.securityfocus.com/bid/9521 https://exchange.xforce.ibmcloud.com/vulnerabilities/14984 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •

CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0

CVE-2004-1478

https://notcve.org/view.php?id=CVE-2004-1478

JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session. • http://marc.info/?l=bugtraq&m=109621995623823&w=2 http://secunia.com/advisories/12638 http://www.kb.cert.org/vuls/id/584958 http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html http://www.securityfocus.com/bid/11245 https://exchange.xforce.ibmcloud.com/vulnerabilities/17481 •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2004-2182

https://notcve.org/view.php?id=CVE-2004-2182

Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server. • http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html http://www.securityfocus.com/bid/11414 • CWE-287: Improper Authentication •