An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute.
Max CVSS
4.3
EPSS Score
15.03%
Published
2006-12-31
Updated
2017-10-19
Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm.
Max CVSS
4.3
EPSS Score
0.27%
Published
2005-08-05
Updated
2017-07-11
Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users.
Max CVSS
3.7
EPSS Score
0.05%
Published
2005-07-19
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in the JRun Web Server in ColdFusion MX 7.0 allows remote attackers to inject arbitrary script or HTML via the URL, which is not properly quoted in the resulting default 404 error page.
Max CVSS
4.3
EPSS Score
0.26%
Published
2005-05-10
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session.
Max CVSS
4.3
EPSS Score
0.44%
Published
2004-12-31
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field.
Max CVSS
4.3
EPSS Score
0.19%
Published
2003-05-05
Updated
2016-10-18
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
Max CVSS
4.3
EPSS Score
1.15%
Published
2002-12-31
Updated
2018-10-30
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key.
Max CVSS
4.6
EPSS Score
0.12%
Published
1999-10-04
Updated
2016-10-18
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!