CVSS: 7.5EPSS: 21%CPEs: 1EXPL: 1CVE-2006-6885 – Macromedia Shockwave 10 'SwDir.dll' Internet Explorer 7 - Denial of Service
https://notcve.org/view.php?id=CVE-2006-6885
31 Dec 2006 — An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute. Un control ActiveX en SwDir.dll en Macromedia Shockwave 10 permite a un atacante remoto provocar denegación de servicio (caida de Internet Explorer 7) a través de una cadena en el atributo swURL. • https://www.exploit-db.com/exploits/3042 •
CVSS: 7.5EPSS: 14%CPEs: 4EXPL: 2CVE-2006-6827 – Macromedia Flash 8 (Flash8b.ocx) Internet Explorer 7 - Denial of Service
https://notcve.org/view.php?id=CVE-2006-6827
31 Dec 2006 — Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method. Flash8b.ocx en Macromedia Flash 8 permite a atacantes remotos provocar denegación de servicio (caida del Internet Explorer 7) a través de grandes cadenas en el método Flash8b.AllowScriptAccess. • https://www.exploit-db.com/exploits/3041 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3979
https://notcve.org/view.php?id=CVE-2006-3979
09 Aug 2006 — The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator. La AdminAPI de ColdFusion MX 7 permite a atacantes remotos evitar autenticación usando "acceso programático" a la adminAPI en vez del Administrador ColdFusion. • http://secunia.com/advisories/21421 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2006-2364
https://notcve.org/view.php?id=CVE-2006-2364
15 May 2006 — Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and earlier allows remote attackers to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which is not sanitized before being presented in an error message. • http://securityreason.com/securityalert/894 •
CVSS: 8.8EPSS: 14%CPEs: 14EXPL: 0CVE-2006-0024
https://notcve.org/view.php?id=CVE-2006-0024
15 Mar 2006 — Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file. • http://docs.info.apple.com/article.html?artnum=307179 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-4473
https://notcve.org/view.php?id=CVE-2005-4473
22 Dec 2005 — Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote attackers to view web application source code via "a malformed URL." • http://secunia.com/advisories/18077 •
CVSS: 9.8EPSS: 23%CPEs: 4EXPL: 0CVE-2005-4472
https://notcve.org/view.php?id=CVE-2005-4472
22 Dec 2005 — Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters. • http://secunia.com/advisories/18077 •
CVSS: 9.1EPSS: 1%CPEs: 5EXPL: 0CVE-2005-4342
https://notcve.org/view.php?id=CVE-2005-4342
17 Dec 2005 — ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security controls," aka "JRun Clustered Sandbox Security Vulnerability." ColdFusion Sandbox en Adobe (antes Macromedia) ColdFusion MX 6.0, 6.1, 6.1 con JRun, y 7.0, no lanza una excepción si el SecurityManager está inhabilitado, lo que podría permitir a atacantes remotos "evitar controles de seguridad", ... • http://secunia.com/advisories/18078 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-4344
https://notcve.org/view.php?id=CVE-2005-4344
17 Dec 2005 — Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration. Adobe (antes Macromedia) ColdFusion MX 7.0 no respeta que la configuración CFOBJECT/CreateObject (Java) esté inhabilitada, lo que permite a usuarios locales crear un objeto a pesar de la configuración especificada. • http://secunia.com/advisories/18078 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-4345
https://notcve.org/view.php?id=CVE-2005-4345
17 Dec 2005 — Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges. Adobe (antes Macromedia) ColdFusion MX 7.0 expone la huella digital ('hash') de la contraseña de administrador en una llamada API, lo que permite a desarrolladores locales obtener la huella digital y ganar privilegios. • http://secunia.com/advisories/18078 •