VYPR

Coldfusion

by Macromedia

CVEs (27)

  • CVE-2004-1815Mar 15, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).

  • CVE-2002-1992Dec 31, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header.

  • CVE-2002-1309Nov 29, 2002
    risk 0.00cvss epss 0.02

    Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name.

  • CVE-2002-0576Jun 18, 2002
    risk 0.00cvss epss 0.03

    ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message.

  • CVE-2001-1514Dec 31, 2001
    risk 0.00cvss epss 0.01

    ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with and (2) child processes that call the CreateProcess function and are executed…

  • CVE-2001-0535Oct 30, 2001
    risk 0.00cvss epss 0.02

    Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web…

  • CVE-2001-1427Jul 11, 2001
    risk 0.00cvss epss 0.02

    Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors.

Page 2 of 2