Page 7 of 116 results (0.007 seconds)

CVSS: 4.3EPSS: 15%CPEs: 1EXPL: 1

An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute. Un control ActiveX en SwDir.dll en Macromedia Shockwave 10 permite a un atacante remoto provocar denegación de servicio (caida de Internet Explorer 7) a través de una cadena en el atributo swURL. • https://www.exploit-db.com/exploits/3042 http://www.securityfocus.com/bid/22067 https://exchange.xforce.ibmcloud.com/vulnerabilities/31160 •

CVSS: 5.0EPSS: 3%CPEs: 4EXPL: 2

Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method. Flash8b.ocx en Macromedia Flash 8 permite a atacantes remotos provocar denegación de servicio (caida del Internet Explorer 7) a través de grandes cadenas en el método Flash8b.AllowScriptAccess. • https://www.exploit-db.com/exploits/3041 http://www.securityfocus.com/bid/21818 https://exchange.xforce.ibmcloud.com/vulnerabilities/31156 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator. La AdminAPI de ColdFusion MX 7 permite a atacantes remotos evitar autenticación usando "acceso programático" a la adminAPI en vez del Administrador ColdFusion. • http://secunia.com/advisories/21421 http://securitytracker.com/id?1016660 http://www.adobe.com/support/security/bulletins/apsb06-10.html http://www.securityfocus.com/bid/19426 http://www.vupen.com/english/advisories/2006/3224 https://exchange.xforce.ibmcloud.com/vulnerabilities/28294 •

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 1

Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and earlier allows remote attackers to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which is not sanitized before being presented in an error message. • http://securityreason.com/securityalert/894 http://www.securityfocus.com/archive/1/433819 http://www.securityfocus.com/bid/17938 https://exchange.xforce.ibmcloud.com/vulnerabilities/26508 •

CVSS: 5.1EPSS: 50%CPEs: 14EXPL: 0

Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/19198 http://secunia.com/advisories/19218 http://secunia.com/advisories/19259 http://secunia.com/advisories/19328 http://secunia.com/advisories/20045 http://secunia.com/advisories/20077 http://secunia.com/advisories/28136 http://securitytracker.com/id?10 •