6 matches found
EUVD-2006-3972
Malware in sbrugna...
CVE-2007-1874
CVE-2007-1874 affects Adobe ColdFusion MX 7 for Linux and Solaris. The vulnerability stems from insecure permissions on specific scripts and directories (including CFMX7DreamWeaverExtensions.mxp, CFReportBuilderInstaller.exe, .com.zerog.registry.xml, uninstall.lax, license.txt, Readme.htm, k2admi...
JVN#28356427 ColdFusion cross-site scripting vulnerability
Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct a session hijacking. Solution Products Affected ColdFusion MX 7.X For more information, refer to the vendor's website...
CVE-2006-3978
The CVE-2006-3978 entry covers an unspecified vulnerability in a Verity third‑party library used by Adobe ColdFusion MX 7 through MX 7.0.2 (and possibly other products). The vulnerability is described as allowing local users to execute arbitrary code via unknown attack vectors, i.e., a local priv...
CVE-2006-3979
The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator...
New Macromedia Security Zone Bulletin Posted
IMPORTANT: A new security bulletin describes a configuration problem that may affect ColdFusion installations. To learn about this new issue and what actions you can take to address it, please visit the Macromedia Security Zone: http://www.macromedia.com/go/mpsb05-03 MPSB05-03 ColdFusion MX 7...