Secunia SmallBusiness
Overview
Advisories
Research
Forums
Create Profile
Our Commitment
Database
Search
Advisories by Product
Advisories by Vendor
Terminology
Report Vulnerability
Insecure Library Loading

Vulnerability Report: Macromedia ColdFusion MX 6.x
This vulnerability report for Macromedia ColdFusion MX 6.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Macromedia ColdFusion MX 6.x then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2013
2.2. Statistics for 2012
2.3. Statistics for 2011
2.4. Statistics for 2010
2.5. Statistics for 2009
2.6. Statistics for 2008
2.7. Statistics for 2007
2.8. Statistics for 2006
2.9. Statistics for 2005
2.10. Statistics for 2004
2.11. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2013
3.2. List for 2012
3.3. List for 2011
3.4. List for 2010
3.5. List for 2009
3.6. List for 2008
3.7. List for 2007
3.8. List for 2006
3.9. List for 2005
3.10. List for 2004
3.11. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor Macromedia

Product Link View Here (Link to external site)

Affected By 20 Secunia advisories
11 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 0% (0 of 20 Secunia advisories)

Most Critical Unpatched
There are no unpatched Secunia advisories affecting this product, when all vendor patches are applied..




20 Secunia Advisories in 2003-2013
Secunia has issued a total of 20 Secunia advisories in 2003-2013 for Macromedia ColdFusion MX 6.x. Currently, 0% (0 out of 20) are marked as unpatched.

More information about the specific Secunia advisories affecting Macromedia ColdFusion MX 6.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.



Adobe JRun IIS 6 Connector Denial of Service
Vendor Patch. Secunia Advisory 1 of 3 in 2007. 12,358 views.
Release Date:
2007-03-14		 Secunia Advisory ID:
SA24488		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
A vulnerability has been reported in Adobe JRun, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Adobe ColdFusion MX Cross-Site Scripting Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 3 in 2007. 11,838 views.
Release Date:
2007-02-14		 Secunia Advisory ID:
SA24115		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in Adobe ColdFusion MX, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

Adobe JRun Administrator Console Cross-Site Scripting
Vendor Patch. Secunia Advisory 3 of 3 in 2007. 10,327 views.
Release Date:
2007-02-14		 Secunia Advisory ID:
SA24093		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
A vulnerability has been reported in Adobe JRun, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

ColdFusion Error Page Cross-Site Scripting Vulnerability
Vendor Patch. Secunia Advisory 1 of 1 in 2006. 11,934 views.
Release Date:
2006-09-13		 Secunia Advisory ID:
SA21858		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
A vulnerability has been reported in ColdFusion, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]

Macromedia ColdFusion Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 3 in 2005. 14,847 views.
Release Date:
2005-12-16		 Secunia Advisory ID:
SA18078		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
Exposure of sensitive information
 Where:
From remote
Short Description:
Some vulnerabilities have been reported in Macromedia ColdFusion, which can be exploited by malicious people to bypass certain security restrictions, or by malicious, local users to disclose potentially sensitive information and bypass certain security restrictions. [Read More]

Macromedia JRun Authentication Token Security Issue
Vendor Patch. Secunia Advisory 2 of 3 in 2005. 11,079 views.
Release Date:
2005-07-15		 Secunia Advisory ID:
SA16081		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
 Where:
From remote
Short Description:
A security issue has been reported in JRun, which can result in malicious users gaining access to another user's session. [Read More]

Macromedia ColdFusion MX Exposure of Class Files
Vendor Workaround. Secunia Advisory 3 of 3 in 2005. 11,110 views.
Release Date:
2005-04-08		 Secunia Advisory ID:
SA14881		 Solution Status:
Vendor Workaround
Criticality:
 Impact:
Exposure of sensitive information
 Where:
From remote
Short Description:
Sean Waddell has reported a security issue in Macromedia ColdFusion MX, which can be exploited by malicious people to disclose some potentially sensitive information. [Read More]

Macromedia ColdFusion MX Security Bypass Vulnerability
Vendor Workaround. Secunia Advisory 1 of 5 in 2004. 15,006 views.
Release Date:
2004-10-04		 Secunia Advisory ID:
SA12693		 Solution Status:
Vendor Workaround
Criticality:
 Impact:
Security Bypass
 Where:
From remote
Short Description:
Eric Lackey has reported a vulnerability in ColdFusion MX, which can be exploited by malicious, authenticated users to bypass certain security restrictions. [Read More]

ColdFusion MX Sensitive Information Disclosure and Denial of Service
Vendor Patch. Secunia Advisory 2 of 5 in 2004. 22,059 views.
Release Date:
2004-09-24		 Secunia Advisory ID:
SA12647		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Exposure of sensitive information
DoS
 Where:
From remote
Short Description:
Two vulnerabilities have been reported in ColdFusion MX Server, which can be exploited by malicious people to disclose sensitive information and cause a DoS (Denial of Service). [Read More]

Macromedia ColdFusion File Upload Denial of Service Vulnerability
Vendor Patch. Secunia Advisory 3 of 5 in 2004. 11,203 views.
Release Date:
2004-04-16		 Secunia Advisory ID:
SA11392		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Chip Self has discovered a vulnerability in ColdFusion, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

Macromedia ColdFusion MX / JRun SOAP Request Denial of Service
Vendor Patch. Secunia Advisory 4 of 5 in 2004. 11,812 views.
Release Date:
2004-03-16		 Secunia Advisory ID:
SA11132		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Amit Klein has discovered a vulnerability in ColdFusion MX and JRun, which can be exploited by malicious people to cause a DoS (Denial-of-Service). [Read More]

Cold Fusion MX Form Denial of Service and Sandbox Bypass
Vendor Patch. Secunia Advisory 5 of 5 in 2004. 9,304 views.
Release Date:
2004-01-29		 Secunia Advisory ID:
SA10743		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
DoS
 Where:
From remote
Short Description:
Macromedia has reported two vulnerabilities in ColdFusion, which can be exploited by malicious people to cause a Denial of Service or by local users to bypass the sandbox restrictions. [Read More]

Multiple Vendor SOAP Server XML Parser Denial of Service
Vendor Patch. Secunia Advisory 1 of 7 in 2003. 13,529 views.
Release Date:
2003-12-10		 Secunia Advisory ID:
SA10398		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
A vulnerability has been identified in various products, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]

Macromedia ColdFusion Default Error Handlers Cross-Site Scripting
Vendor Patch. Secunia Advisory 2 of 7 in 2003. 9,431 views.
Release Date:
2003-09-22		 Secunia Advisory ID:
SA9807		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
A vulnerability has been identified in ColdFusion, which can be exploited by malicious people to conduct Cross-Site Scripting attacks against visitors. [Read More]

Macromedia ColdFusion MX / JRun Source Code Disclosure Vulnerability
Vendor Patch. Secunia Advisory 3 of 7 in 2003. 11,907 views.
Release Date:
2003-07-10		 Secunia Advisory ID:
SA9222		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Exposure of sensitive information
 Where:
From remote
Short Description:
A vulnerability has been identified in some versions of Macromedia ColdFusion MX and JRun, which can be exploited by malicious people to gain knowledge of sensitive information. [Read More]

ColdFusion MX Java Environment Integer Overflow Vulnerability
Vendor Patch. Secunia Advisory 4 of 7 in 2003. 9,719 views.
Release Date:
2003-04-30		 Secunia Advisory ID:
SA8698		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
Local system
Short Description:
An error in the JVM (Java Virtual Machine) version 1.3.1 shipped with Macromedia ColdFusion can be exploited by a malicious ".cfm" file to cause a DoS (Denial of Service) on a vulnerable system. [Read More]

ColdFusion MX Path Disclosure Weakness
Vendor Workaround. Secunia Advisory 5 of 7 in 2003. 9,653 views.
Release Date:
2003-04-28		 Secunia Advisory ID:
SA8671		 Solution Status:
Vendor Workaround
Criticality:
 Impact:
Exposure of system information
 Where:
From remote
Short Description:
An information disclosure weakness has been reported in Macromedia ColdFusion MX, which can be exploited by malicious people to disclose system information. [Read More]

ColdFusion MX access to templates
Vendor Patch. Secunia Advisory 6 of 7 in 2003. 10,396 views.
Release Date:
2003-01-31		 Secunia Advisory ID:
SA7978		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
 Where:
From remote
Short Description:
[Read More]

ColdFusion access to arbitrary files
Vendor Patch. Secunia Advisory 7 of 7 in 2003. 7,189 views.
Release Date:
2003-01-14		 Secunia Advisory ID:
SA7864		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Exposure of sensitive information
 Where:
From remote
Short Description:
ColdFusion accepts filenames with relative paths in the cfinclude and cfmodule tags. This allows users to create templates that access files outside the sandbox. [Read More]

Macromedia Jrun and ColdFusion Denial of Service
Vendor Patch. Secunia Advisory 1 of 1 in 2002. 7,603 views.
Release Date:
2002-12-12		 Secunia Advisory ID:
SA7691		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Macromedia Jrun and ColdFusion does not handle incorrectly formed messages to the SOAP interfaces correctly. This can be abused to cause an almost infinite loop which uses almost all CPU resources. [Read More]




Discuss this Product
A new thread in our forum is automatically created for each Product. Activate the thread by commenting/discussing below.
Subject: Macromedia ColdFusion MX 6.x 
No posts yet

-

You must be logged in to post a comment.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom
 
© 2002-2013 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability