Filtered by vendor Macromedia
Subscribe
Total
116 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-2176 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | |||||
CVE-2010-2166 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | |||||
CVE-2010-2177 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | |||||
CVE-2010-2182 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | |||||
CVE-2010-2171 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | |||||
CVE-2010-2170 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183. | |||||
CVE-2010-3654 | 7 Adobe, Apple, Google and 4 more | 9 Acrobat, Acrobat Reader, Flash Player and 6 more | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | |||||
CVE-2010-2162 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms. | |||||
CVE-2009-3793 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors. | |||||
CVE-2010-2187 | 2 Adobe, Macromedia | 3 Air, Flash Player, Flash Player | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188. | |||||
CVE-2006-6827 | 1 Macromedia | 1 Flash Player | 2023-12-10 | 5.0 MEDIUM | N/A |
Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method. | |||||
CVE-2007-1403 | 1 Macromedia | 1 Shockwave | 2023-12-10 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885. | |||||
CVE-2006-6885 | 1 Macromedia | 1 Shockwave | 2023-12-10 | 4.3 MEDIUM | N/A |
An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute. | |||||
CVE-2005-4345 | 1 Macromedia | 1 Coldfusion | 2023-12-10 | 7.2 HIGH | N/A |
Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges. | |||||
CVE-2005-3900 | 1 Macromedia | 1 Breeze | 2023-12-10 | 7.8 HIGH | N/A |
Macromedia Breeze Communication Server and Breeze Live Server does 5.1 and earlier not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133). | |||||
CVE-2005-3901 | 1 Macromedia | 1 Flash Communication Server | 2023-12-10 | 7.8 HIGH | N/A |
Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133). | |||||
CVE-2005-4342 | 1 Macromedia | 1 Coldfusion | 2023-12-10 | 7.5 HIGH | N/A |
ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security controls," aka "JRun Clustered Sandbox Security Vulnerability." | |||||
CVE-2006-3979 | 1 Macromedia | 1 Coldfusion | 2023-12-10 | 7.2 HIGH | N/A |
The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator. | |||||
CVE-2005-1022 | 1 Macromedia | 1 Coldfusion | 2023-12-10 | 5.0 MEDIUM | N/A |
ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information. | |||||
CVE-2005-2306 | 1 Macromedia | 2 Coldfusion, Jrun | 2023-12-10 | 3.7 LOW | N/A |
Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users. |