RSS   Vulnerabilities for 'Sitespring'   RSS

2002-10-04
 
CVE-2002-1027

 

 
Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter.

 
 
CVE-2002-1026

 

 
Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow.

 

 >>> Vendor: Macromedia 19 Products
Coldfusion server
Coldfusion
Dreamweaver
Matrix screen saver
Shockwave flash plugin
Studio
JRUN
Flash
Flash player
Shockwave flash
Sitespring
Shockwave
Coldfusion professional
Director
Contribute
Coldfusion fusebox
Breeze
Flash communication server
Flash media server


Copyright 2024, cxsecurity.com

 

Back to Top