SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   


View Topics  >  Target  >  Macromedia ColdFusion

Dec 13 2011   Adobe ColdFusion Input Validation Flaws in cfform and RDS Permit Cross-Site Scripting Attacks
Nov 16 2011   Adobe ColdFusion Bugs Let Remote Users Obtain Information and Deny Service
Aug 18 2011   Adobe ColdFusion Input Validation Flaw in 'probe.cfm' Permits Cross-Site Scripting Attacks
Jun 14 2011   Adobe ColdFusion Permits Cross-Site Request Forgery and Denial of Service Attacks
Feb 8 2011   Adobe ColdFusion Flaws Permit Remote Session Hijacking, Cross-Site Scripting, and Information Disclosure
Jan 28 2011   Adobe ColdFusion Input Validation Hole Permits Cross-Site Scripting Attacks
Aug 10 2010   Adobe ColdFusion Directory Traversal Flaw Lets Remote Users Obtain Potentially Sensitive Information
May 12 2010   Adobe ColdFusion Input Validation Flaws Permit Cross-Site Scripting Attacks
Feb 2 2010   Adobe ColdFusion Discloses Solr Service Collections to Remote Users
Aug 17 2009   Adobe ColdFusion Bugs Permit Cross-Site Scripting, Information Disclosure, and Session Fixation Attacks
Jul 8 2009   (Adobe Issues Fix for ColdFusion) FCKeditor input Validation Flaw Lets Remote Users Upload Arbitrary Files
Nov 6 2008   Adobe ColdFusion Sandbox Bypass Flaw Lets Local Users Gain Elevated Privileges
Apr 9 2008   Adobe ColdFusion Lets Remote Users Access CFC Methods
Mar 12 2008   Adobe ColdFusion Does Not Audit Failed Login Attempts
Mar 11 2008   Adobe ColdFusion Application setEncoding() Bug Permits Cross-Site Scripting Attacks
Mar 11 2008   Adobe ColdFusion Input Validation Hole in Some CGI Parameters Permits Cross-Site Scripting Attacks
Nov 13 2007   Adobe ColdFusion CFID/CFTOKEN Bug May Let Remote Users Hijack Sessions
Apr 10 2007   Macromedia ColdFusion Unsafe Directory Permissions Lets Local Users Gain Root Privileges
Feb 14 2007   Adobe ColdFusion Input Validation Hole in JRun Administrative Console Permits Cross-Site Scripting Attacks
Feb 14 2007   Adobe ColdFusion Input Validation Flaw in Default Error Page Permits Cross-Site Scripting Attacks
Feb 14 2007   Adobe ColdFusion Input Validation Hole When Global Script Protection is Disabled Permits Cross-Site Scripting Attacks
Jan 10 2007   Macromedia ColdFusion Double-Encoded URL Processing Discloses Files to Remote Users
Dec 11 2006   Adobe ColdFusion Bugs Enable Cross-Site Scripting Evasion, Path Disclosure, and Internal Address Disclosure
Oct 11 2006   Macromedia ColdFusion 3rd Party Bug Lets Local Users Gain Local System Privileges
Sep 12 2006   Adobe ColdFusion Infinite Loop Permits Denial of Service Attacks and Input Validation Hole Permits Cross-Site Scripting Attacks
Aug 8 2006   Adobe ColdFusion Grants Users Access to AdminAPI
Dec 16 2005   ColdFusion MX Sandbox Lets Local Users Bypass CreateObject Restrictions and Obtain Authentication Information
Dec 16 2005   ColdFusion MX Bugs Let Remote Users Bypass Sandbox Restrictions and Attach and E-mail Arbitrary Files
Jul 15 2005   Macromedia ColdFusion May Generate Duplicate Authentication Tokens in Certain Cases
May 11 2005   Macromedia ColdFusion MX Input Validation Flaw in JRun Error Page Lets Remote Users Conduct Cross-Site Scripting Attacks
Apr 8 2005   Macromedia ColdFusion MX Updater Discloses '.class' Files to Remote Users
Oct 11 2004   Macromedia ColdFusion Provides Default Access to CFOBJECT Tag and CreateObject Function
Oct 1 2004   ColdFusion MX Lets Remote Authenticated Users Run Privileged Scripts
Sep 24 2004   ColdFusion MX May Disclose Source Code to Remote Users
Apr 15 2004   ColdFusion MX File Upload Disk Space Management Bug Lets Remote Users Deny Service
Mar 16 2004   (Vendor Issues Fix) Macromedia ColdFusion SOAP Request Processing Bug Lets Remote Users Deny Service
Mar 15 2004   Macromedia ColdFusion SOAP Request Processing Bug Lets Remote Users Deny Service
Jan 28 2004   Macromedia ColdFusion Lets Remote Users Deny Service By Sending Many Form Fields
Jan 28 2004   Macromedia ColdFusion MX 6.1 Access Control Flaw Lets Objects Bypass Sandbox Security
Dec 10 2003   Macromedia ColdFusion XML Parsing Lets Remote Users Consume CPU Resources With SOAP Requests
Sep 19 2003   ColdFusion Default Error Handlers Permit Remote Cross-Site Scripting Attacks
Jul 10 2003   ColdFusion MX Discloses Page Source Code to Remote Users
Jul 7 2003   ColdFusion MX Server Default Configuration Gives Remote Users RDS Access
Apr 26 2003   Macromedia ColdFusion MX Server Discloses Installation Path to Remote Users
Jan 30 2003   ColdFusion MX Configuration Error When Used With IIS and NT Authentication May Grant Unauthorized Access to Remote Authenticated Users
Jan 10 2003   Macromedia ColdFusion MX Input Validation Flaw Lets Certain Remote Authenticated Users Access Arbitrary Data on the Server
Dec 13 2002   Macromedia ColdFusion Server Bug In Parsing XML DTDs May Let Remote Users Crash the Server
Nov 7 2002   Macromedia ColdFusion Source Code May Be Disclosed to Remote Users
Jun 28 2002   ColdFusion MX Buffer Overflow When Used With Microsoft Internet Information Server (IIS) Lets Remote Users Crash the IIS Web Server or Execute Arbitrary Code
Jun 14 2002   (Allaire Issues Fix) Macromedia ColdFusion Web Application Server Allows Remote Users to Conduct Cross-Site Scripting Attacks to Steal Authentication Cookies
Jun 13 2002   Macromedia ColdFusion May Let One User's JSP Code Gain Unauthorized Access to Another User's Data on a Shared Server
May 9 2002   (Vendor Issues Workaround Solutions) Re: Macromedia ColdFusion Server Discloses Installation Path to Remote Users
Apr 18 2002   Macromedia ColdFusion Server Discloses Installation Path to Remote Users
Apr 16 2002   Macromedia ColdFusion Web Application Server Allows Remote Users to Conduct Cross-Site Scripting Attacks to Steal Authentication Cookies
Nov 28 2001   Allaire ColdFusion Sandbox Security Design Flaw May Let Remote Users Execute Code With System Level Privileges in Certain Configurations
Aug 7 2001   Allaire's Macromedia ColdFusion Server Lets Remote Users View Any File on the System or Execute Arbitrary Commands with Root/System Level Privileges
Aug 3 2001   (Vendor Responds) Re: Cold Fusion Server on Linux Lets Local Users Crash the Server and View Sensitive Memory Contents
Aug 1 2001   Cold Fusion Server on Linux Lets Local Users Crash the Server and View Sensitive Memory Contents
Jul 11 2001   ColdFusion Server Lets Remote Users Read and Delete Files on the Server







Home   |    View Topics   |    Search   |    Contact Us

Copyright 2012, SecurityGlobal.net LLC