CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0477
https://notcve.org/view.php?id=CVE-2002-0477
Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand. • http://marc.info/?l=bugtraq&m=101071988413107&w=2 http://www.iss.net/security_center/static/8587.php http://www.macromedia.com/support/flash/ts/documents/standalone_update.htm http://www.macromedia.com/support/flash/ts/documents/swf_clear.htm http://www.securityfocus.com/archive/1/262990 http://www.securityfocus.com/bid/4321 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0476
https://notcve.org/view.php?id=CVE-2002-0476
Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand. • http://www.iss.net/security_center/static/8584.php http://www.macromedia.com/support/flash/ts/documents/fs_save.htm http://www.securityfocus.com/archive/1/262990 http://www.securityfocus.com/bid/4320 •
CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 2CVE-2001-1510
https://notcve.org/view.php?id=CVE-2001-1510
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL. • http://online.securityfocus.com/archive/1/242843/2002-07-27/2002-08-02/2 http://online.securityfocus.com/archive/1/243203 http://www.iss.net/security_center/static/7623.php http://www.macromedia.com/v1/handlers/index.cfm?ID=22262&Method=Full http://www.securityfocus.com/archive/1/243636 http://www.securityfocus.com/bid/3592 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1545
https://notcve.org/view.php?id=CVE-2001-1545
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing. • http://www.iss.net/security_center/static/7679.php http://www.macromedia.com/v1/handlers/index.cfm?ID=22291&Method=Full http://www.securityfocus.com/bid/3665 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 2CVE-2001-1511
https://notcve.org/view.php?id=CVE-2001-1511
JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "jsp%00" or (2) "js%2570". • http://www.iss.net/security_center/static/7676.php http://www.macromedia.com/v1/handlers/index.cfm?ID=22288&Method=Full •