Macromedia: >> Coldfusion >> 6.0 Security Vulnerabilities
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
CVSS Score
4.3
EPSS Score
0.175
Published
2002-12-31
Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header.
CVSS Score
5.0
EPSS Score
0.057
Published
2002-12-31
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name.
CVSS Score
7.5
EPSS Score
0.04
Published
2002-11-29
Page 2