2 matches found
CVE-2001-1513
CVE-2001-1513 affects Macromedia JRun 3.0 and 3.1. The issue allows remote attackers to obtain duplicate active user session IDs and perform actions as other users by crafting a URL request for the web application directory without the trailing '/'. This implies potential session impersonation wi...
CVE-2001-1545
Macromedia JRun 3.0/3.1 is affected by CVE-2001-1545, where the server appends the jsessionid to URLs (URL rewriting) when cookies are enabled. This can allow remote attackers to obtain session IDs and hijack sessions via HTTP referrer headers or sniffing. Public sources across NVD/Red Hat/CVE li...