Macromedia Security Bulletin - ColdFusion MX 6.1

MPSB05-02 - Workaround available for ColdFusion MX 6.1 Updater file disclosure. Originally posted: April 7, 2005 http://www.macromedia.com/go/mpsb05-02 Summary: ColdFusion 6.1 Updater 1 in the ColdFusion MX for JRun4 configuration only creates a /WEB-INF/cfclasses directory under the web server...

coldfusionmx61.txt

Software: Macromedia ColdFusion MX 6.1 Description: There is a vulnerability in the ColdFusion MX 6.1 product. To exploit this, a user needs access to create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled. The code given below writes a java class to the...

CFMX vulnerability

Software: Macromedia ColdFusion MX 6.1 Description: There is a vulnerability in the ColdFusion MX 6.1 product. To exploit this, a user needs access to create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled. The code given below writes a java class to the...

CVE-2002-1990

Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet...

CVE-2002-1295

The CVE-2002-1295 entry concerns the Microsoft Java VM used by Internet Explorer. The vulnerability arises when HTML applet tags bypass Java class restriction checks by supplying the class name in the code parameter, allowing remote attackers to cause a crash (denial of service) and potentially p...