CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 2CVE-2003-1017 – Macromedia Flash Player 6.0.x - Flash Cookie Predictable File Location
https://notcve.org/view.php?id=CVE-2003-1017
Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names. El Reproductor de Macromedia Flash en versiones anteriores a 7,0,19,0 almacena un fichero de datos de Flash en una localización predecible, accesible a navegadores web como Internet Explorer y Opera, lo que permite a a atacantes remotos leer ficheros restringidos mediante vulnerabilidades en navegadores web cuya explotación se basa en nombres predecibles. • https://www.exploit-db.com/exploits/23298 http://www.macromedia.com/devnet/security/security_zone/mpsb03-08.html http://www.securityfocus.com/bid/8900 https://exchange.xforce.ibmcloud.com/vulnerabilities/14013 •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1CVE-2002-1534
https://notcve.org/view.php?id=CVE-2002-1534
Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share. Macromedia Flash Player permite a atacantes remotos la lectura arbitraria de ficheros mediante una rutina XML en un fichero .swf albergado en una SMB compartida en remoto. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0083.html http://www.iss.net/security_center/static/10297.php http://www.securityfocus.com/bid/5904 •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1CVE-2002-1467
https://notcve.org/view.php?id=CVE-2002-1467
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). Macromedia Flash Plugin anteriores a 6.0.47 permite a atacantes remotos saltarse las restricciones de mismo dominio y leer ficheros arbitrarios mediante Una redirección HTTP Una base "file://" en un documento web una URL relativa de una archivo web (fichero.mht) • http://online.securityfocus.com/archive/1/286625 http://www.iss.net/security_center/static/9797.php http://www.macromedia.com/v1/handlers/index.cfm?ID=23294 http://www.securityfocus.com/bid/5429 https://access.redhat.com/security/cve/CVE-2002-1467 https://bugzilla.redhat.com/show_bug.cgi?id=1616916 •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 2CVE-2002-1881
https://notcve.org/view.php?id=CVE-2002-1881
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. • http://archives.neohapsis.com/archives/bugtraq/2002-08/0088.html http://www.iss.net/security_center/static/9843.php http://www.securityfocus.com/bid/5445 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2002-1625
https://notcve.org/view.php?id=CVE-2002-1625
Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (2) loadSound commands, which continue to execute until the browser is closed. • http://www.kb.cert.org/vuls/id/128491 http://www.macromedia.com/v1/handlers/index.cfm?ID=22796&Method=Full&Title=Macromedia%20Flash%20Player%206%20Streaming%20Issue&Cache=False http://www.securityfocus.com/bid/4567 https://exchange.xforce.ibmcloud.com/vulnerabilities/8925 •