Macromedia Coldfusion vulnerabilities

CVE-2002-1309 [HIGH] CVE-2002-1309: Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia C Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name.

CVE-2001-1514 [CRITICAL] CVE-2001-1514: ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operat ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with and (2) child processes that call the CreateProcess function and are executed with or end with the CFX extension, which allows attackers to execute programs with the perm

CVE-2001-1427 [HIGH] CVE-2001-1427: Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrit Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors.