CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2002-1310
https://notcve.org/view.php?id=CVE-2002-1310
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name. Desbordamiento de búfer basado en el montón (heap) en el mecanismo de manejo de errores en el manejador de IIS ISAPI en Macromedia JRun 4.0 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante una peticón HTTP GET con un nombre de fichero .jsp largo. • http://archives.neohapsis.com/archives/bugtraq/2002-11/0149.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0080.html http://marc.info/?l=bugtraq&r=1&b=200211&w=2 http://www.eeye.com/html/Research/Advisories/AD20021112.html http://www.securityfocus.com/bid/6122 https://exchange.xforce.ibmcloud.com/vulnerabilities/10568 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2002-1309
https://notcve.org/view.php?id=CVE-2002-1309
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name. Desbordamiento de búfer en el mecanismo de manejo de errores del manejador de IIS ISAPI en Macromedia ColdFusion 6.0 permite a atacantes remotos ejecutar código arbitrario mediante una petición HTTP GET con un nombre de fichero .cfm largo. • http://archives.neohapsis.com/archives/bugtraq/2002-11/0149.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0080.html http://marc.info/?l=bugtraq&r=1&b=200211&w=2 http://www.eeye.com/html/Research/Advisories/AD20021112.html •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1CVE-2002-1025
https://notcve.org/view.php?id=CVE-2002-1025
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0138.html http://online.securityfocus.com/archive/1/280062 http://www.iss.net/security_center/static/9459.php http://www.macromedia.com/v1/handlers/index.cfm?ID=23164 http://www.osvdb.org/5028 http://www.securityfocus.com/bid/5134 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 2CVE-2002-0937 – Macromedia JRun 3/4 JSP Engine - Denial of Service
https://notcve.org/view.php?id=CVE-2002-0937
The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null). • https://www.exploit-db.com/exploits/21536 http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0095.html http://www.iss.net/security_center/static/9339.php http://www.securityfocus.com/bid/4997 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1CVE-2002-1026
https://notcve.org/view.php?id=CVE-2002-1026
Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0140.html http://online.securityfocus.com/archive/1/280079 http://www.iss.net/security_center/static/9458.php http://www.securityfocus.com/bid/5132 •