Lucene search

K
MacromediaColdfusion

7 matches found

CVE
CVE
added 2002/11/29 5:0 a.m.46 views

CVE-2002-1309

Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name.

7.5CVSS8.2AI score0.04016EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.43 views

CVE-2004-1478

JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session.

7.5CVSS6.7AI score0.07163EPSS
CVE
CVE
added 2005/03/22 5:0 a.m.37 views

CVE-2001-1427

Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors.

7.5CVSS7AI score0.07612EPSS
CVE
CVE
added 2005/12/19 3:47 a.m.37 views

CVE-2005-4342

ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security controls," aka "JRun Clustered Sandbox Security Vulnerability."

7.5CVSS7.2AI score0.00986EPSS
CVE
CVE
added 2005/12/19 3:47 a.m.34 views

CVE-2005-4345

Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.

7.2CVSS7AI score0.00013EPSS
CVE
CVE
added 2006/08/09 10:4 a.m.34 views

CVE-2006-3979

The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator.

7.2CVSS7.3AI score0.0002EPSS
CVE
CVE
added 2005/07/10 4:0 a.m.31 views

CVE-2004-2204

Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.

7.2CVSS6.8AI score0.00012EPSS