2 matches found
CVE-2002-1026
CVE-2002-1026 affects Macromedia Sitespring 1.2.0 (277.1) using the Sybase runtime engine 7.0.2.1480. The vulnerability allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow. Impact is listed as partial av...
CVE-2002-1027
CVE-2002-1027 describes a cross-site scripting flaw in Macromedia Sitespring 1.2.0 (277.1). The vulnerability resides in the default HTTP 500 error script (500error.jsp); an attacker can craft a link to 500error.jsp containing script in the 1the et parameter to execute arbitrary web script in a v...