50 matches found
CVE-2001-1545
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests a.k.a. rewriting when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing...
EUVD-2002-2165
Malware in sbrugna...
EUVD-2001-1521
Malware in sbrugna...
EUVD-2002-2166
Malware in sbrugna...
EUVD-2004-2174
Malware in sbrugna...
EUVD-2001-1522
Malware in sbrugna...
EUVD-2002-1834
Malware in sbrugna...
EUVD-2001-1490
Malware in sbrugna...
EUVD-2002-0659
Malware in sbrugna...
EUVD-2005-2307
Malware in sbrugna...
CVE-2002-2187
Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact...
CVE-2004-2182
Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server...
CVE-2002-2186
Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL...
CVE-2002-1855
Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...
Macromedia JRun 3/4 JSP Engine Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4997/info A vulnerability has been reported in Macromedia JRun for Windows that results in a denial of service condition. The vulnerability occurs when JRun encounters a malicious JSP page. The following snippet of code i...
Macromedia JRun 4 mod_jrun Buffer Overflow (CVE-2004-0646)
Macromedia JRun is an application server used to deploy J2EE Java 2 Enterprise Edition applications, JSPs Java Server Pages, and other Java applications. It can be used as a stand-alone web server or can be accessed through other web servers including Apache. Apache can communicate with the JRun...
Macromedia JRun Application Server platform multiple vulnerabilities
Source code leak, Web server DoS...
JRun mod_jrun WriteToLog buffer overflow
Added: 12/10/2005 CVE: CVE-2004-0646 BID: 11245 OSVDB: 10546 Background Macromedia JRun is a J2EE application server. modjrun is an Apache module which enables the use of JRun applications through an Apache web server. Problem A buffer overflow vulnerability in modjrun and modjrun20 allows a remo...
JRun mod_jrun WriteToLog buffer overflow
Added: 12/10/2005 CVE: CVE-2004-0646 BID: 11245 OSVDB: 10546 Background Macromedia JRun is a J2EE application server. modjrun is an Apache module which enables the use of JRun applications through an Apache web server. Problem A buffer overflow vulnerability in modjrun and modjrun20 allows a remo...
CVE-2002-2187
Technical details are not publicly available in the provided documents for CVE-2002-2187; monitor for updates.