CVE-2001-1545

2001-12-31T00:00:00
ID CVE-2001-1545
Type cve
Reporter NVD
Modified 2008-09-05T16:26:49

Description

Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing.