Macromedia : Security Vulnerabilities, CVEs, Published In 2003 CVSS score >= 3
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message.
Max CVSS
5.0
EPSS Score
2.07%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field.
Max CVSS
4.3
EPSS Score
0.19%
Published
2003-05-05
Updated
2016-10-18
Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.
Max CVSS
5.0
EPSS Score
0.48%
Published
2003-03-31
Updated
2008-09-05
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).
Max CVSS
5.0
EPSS Score
0.30%
Published
2003-04-22
Updated
2008-09-05
4 vulnerabilities found