Macromedia: Security Vulnerabilities
Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.
CVSS Score
6.4
EPSS Score
0.005
Published
2000-06-22
JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information.
CVSS Score
5.0
EPSS Score
0.006
Published
2000-06-22
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key.
CVSS Score
4.6
EPSS Score
0.0
Published
1999-10-04
Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia.
CVSS Score
5.0
EPSS Score
0.001
Published
1999-03-11
Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.
CVSS Score
2.1
EPSS Score
0.0
Published
1998-06-11
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.
CVSS Score
5.1
EPSS Score
0.001
Published
1997-03-14
Page 12