CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2002-1027 – Macromedia Sitespring 1.2 - Default Error Page Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-1027
Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter. • https://www.exploit-db.com/exploits/21621 http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0029.html http://online.securityfocus.com/archive/1/282742 http://www.iss.net/security_center/static/9588.php http://www.securityfocus.com/bid/5249 •
CVSS: 10.0EPSS: 17%CPEs: 2EXPL: 0CVE-2002-0801
https://notcve.org/view.php?id=CVE-2002-0801
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0085.html http://online.securityfocus.com/archive/1/274528 http://online.securityfocus.com/archive/1/274601 http://www.cert.org/advisories/CA-2002-14.html http://www.iss.net/security_center/static/9194.php http://www.kb.cert.org/vuls/id/703835 http://www.osvdb.org/5082 http://www.securityfocus.com/bid/4873 •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 0CVE-2002-0846
https://notcve.org/view.php?id=CVE-2002-0846
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length. • http://marc.info/?l=bugtraq&m=103072708329280&w=2 http://www.iss.net/security_center/static/9798.php http://www.macromedia.com/v1/handlers/index.cfm?ID=23293 http://www.redhat.com/support/errata/RHSA-2003-026.html http://www.redhat.com/support/errata/RHSA-2003-027.html http://www.securityfocus.com/bid/5430 https://access.redhat.com/security/cve/CVE-2002-0846 https://bugzilla.redhat.com/show_bug.cgi?id=1616826 •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 1CVE-2002-0665 – Macromedia JRun 3/4 - Administrative Authentication Bypass
https://notcve.org/view.php?id=CVE-2002-0665
Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL. Macromedia JRun Administration Server permite a atacantes remotos evitar la autenticación para entrar en el sistema, mediante un caracter '/' extra en la URL. • https://www.exploit-db.com/exploits/21582 http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0133.html http://marc.info/?l=bugtraq&m=102529402127195&w=2 http://www.iss.net/security_center/static/9450.php http://www.macromedia.com/v1/handlers/index.cfm?ID=23164 http://www.securityfocus.com/bid/5118 •
CVSS: 7.5EPSS: 10%CPEs: 1EXPL: 0CVE-2002-0605
https://notcve.org/view.php?id=CVE-2002-0605
Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers to execute arbitrary code via a long movie parameter. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0051.html http://marc.info/?l=bugtraq&m=102039374017185&w=2 http://marc.info/?l=vuln-dev&m=102038919414726&w=2 http://www.iss.net/security_center/static/8993.php http://www.macromedia.com/support/flash/ts/documents/buf_ovflow_623.htm http://www.osvdb.org/5177 http://www.securityfocus.com/bid/4664 •