Filtered by vendor Macromedia
Subscriptions
Filtered by product Coldfusion
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1427 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | N/A |
| Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors. | ||||
| CVE-2002-1992 | 1 Macromedia | 2 Coldfusion, Coldfusion Professional | 2025-04-03 | N/A |
| Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header. | ||||
| CVE-2003-1469 | 2 Macromedia, Microsoft | 5 Coldfusion, Coldfusion Professional, Windows 2000 and 2 more | 2025-04-03 | N/A |
| The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | ||||
| CVE-2004-1478 | 2 Hitachi, Macromedia | 4 Cosminexus Enterprise, Cosminexus Server, Coldfusion and 1 more | 2025-04-03 | N/A |
| JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session. | ||||
| CVE-2005-4343 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | N/A |
| Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability". | ||||